3 


CoAepiKaHHe 


4 CoAepmaHMe Chip CD Special "Windows Server 2003» 


6 CoeAMHuii m BnacrayM 

Teopuji M npaKTMKa opraHnaapnn /ioKa;ibHOM cern na 6aae Windows Server 2003 
M TexHMHecKne TpeOoBaHuji k cepeepHOM CTanpnn 


MHCTAJUiaUMa M HACTPOMKA 


10 OnariviaH ot Microsoft 

PaariMHHbie Bepcnn Windows Server 2003 m ocHOBHwe AocroMHCTBa hobom OC 


14 riyreBOAMTenb no MHcranafiMMii 

nomaroBaa ycraHOBKa onepariMOHHoii cucTewbi m ee nepBUHHaa HacipoiiKa 


18 C/iy>K 6 a nepenMCM 

PasBepTbiBaHne n HacrpoMKa c/iy>K6bi Active Directory 


KoaoHKa peflaKTopa 





AjieKcaHHP HeaHioK 

BbinycKaiomuP 
peflaKTop 

BeH6L^ 

3BOJ1KDI4HH 

Bee Mbi KorAa-TO 6bmn HaHHHarcuAMMH 
KOMHbioTepHbiMM noBbaoBaTeaBMn: 3ano- 
MUHaan KOHCoabHbie KOMaHAu, mbtoaom 
npo6 n omnOoK ocBanBaan OKOHHbie hh- 
Tep4>eMCbi, ynnnncb noabsoBaTbca npo- 
rpaMMHbiMM naKeraMM n HeoSxoAMMbiMM 
yrnaHTaMM. V Koro-ro stot aian saHUMa- 
er 6oobiije BpeweHH, y koto-to MeHbUje, 



22 06ii4ecTBeHHoe flOCTOSHMe 

OOiAnii Aocryn k (jrafi/ioBbiM pecypeaM, cereBbiM npuHrepaw m cepBuc WINS 

26 Mmb M3 HeTbipex OaiiTOB 

CncreMa MMeHOBaHna aomohob b raoOaAbHoii m aoKaabHOM cerax 


30 BpeivieHHan nponMCKa 

npuHpnnbi (|)yHKL(MOHMpoBaHMa M MHCTaaaapna cay>K6bi DHCP 


34 HaBOAMM MOCTbl 

OniMMuaaLiMa nponaBOAMTeabHocTU paOoTbi cern nyrew Aeaenna ee na necKoabKo 
OTAeabHbix cerweHTOB n coaAaHne oOmero Aociyna b PlHTepHer 


40 CepBepHan iviaTpeiiJKa 

HacipoMKa bb 6-, FTP-, mail-, messenger-cepBepoB, BxoAamux b cocibb OC 

1 1 1 1 1! 1 1 1 1 1 

48 3 a "OrHeHHOM CTeHOM» 

npuHpnnbi paOoTbi OpaHAMayapoB n HacipoiiKa mx paOoTbi b Windows Server 2003 

54 Ha saBMCTb Uesapio 

3aiAMTa AaHHbix nyrew mneJjpoBaHna n orpannHeHne Aociyna k cereBbiw npnnrepaM 


58 Hto AOSBoneHO lOnMTepy... 

PaarpaHMHeHkie npae Aociyna k ^aiiaaM n nanKaw na ocnoee (JraiiaoBOM 
CMCreMbi NTFS n CTparernn ALP 


62 BHyrpeHHMM Kapayn 

SaiAMia BcrpoeHHbix cepeepoB, a raxrKe OeaonacHocib yAanennoro Aociyna 


68 Hro6bi cepaep 6bm SAopoB 

Flpo4)MaaKTMHecKMe weponpnarna no oOcayrKnBanmo cepeepa 


72 CTapan pfiQipan KOHConb... 

riepBocTeneHHbie KOHCoabHwe KowaHAbi, Koropwe neoOxoAMwo anaib 


76 AMCTaHMMOHHoe KOMaHAoaaHMe 

HacipoMKa yAanennoro Aociyna k cepeepy aepea caywOy Terminal Services 


78 rioco6Me a^^ peaHMMaropa 

IlK)6aa onepapnoHHaa CMcrewa Mower Aaib c6ofi, noarowy hbao 6birb roroBWM 
K npopeAype ee BoccraHOBaenna 


HO paHO nan noBAHO mbi MoweM CKasarb: 
Aa, renepb a Bnpaee CHkirarb ce6a npo- 
ABHHyibiM KOMnbHDTepHbiM noBbaoBare- 
neM. flaabme mowho pasBHBarbca b cto- 
poHy ocBoeHHa paaariHHbiM naartpopM — 
Mac, aabrepHaTHBHbix Microsoft onepa- 
UMOHHbix CHCT6M, HanpHMep Linux nan 
Lindows. Ho, nowaayn, BeniAOM aroM 
KOMnbioTepHOM 3Boaioi4HM OyAer HaBbiK 
aacraBMTb HecKoabKO KOMnbtorepoB, 
oOrjeAMHeHHbix b cerb, caaweHHO pa6o- 
rarb BMecre, nocrkirHya reM cawbiM yMe- 
Hkie, HasbiBaeMoe aAMMHMCTpnpoBaHneM. 
BnpoHeM, craib HeaoBeKOM, nepeA koto- 
pbiM odbmHbie noab30Barean OaaroroBeioT 
B aioOoH opraHH3aL(nn, tab paSora CBaaa- 
Ha c KOMObtorepaMH, He ran yw caowHO. 
OcoOeHHO ecaw mu roBopHM o6 aAMHHM- 
crpMpoBaHHM onepaiAMOHHbix CHcreM ce- 
MePicTBa Windows, Koropue BcerAa oran- 
Haakicb ApywecTBeHHbiM HHrep4)eMCOM 
M npOCTOTOH OCBOeHHa. 

HMTaa 3T0T cneiABbinycK, nocBaiAeHHUH 
HOBeMLaeii cereBon OC or Microsoft — 
Windows Server 2003, bu caMM y6eAn- 
recb B 3T0M. BeAb ycranoBKa CHcreMbi, 
HaerpoHKa MHoroHMcaennux cepBHCOB, 
caywd h cepBepoB cobcbm He caowna, 
ocodeHHO ecaH panbiae bu padoraaM 
c Windows 2000 nan XP. EAHHCTBeHHoe, 
Ha HTO npMAerca odparnTb doabmee bhh- 
MaHMe, — 3TO Bonpocu deaonacHOCTH. 

□ pH 3T0M He CTOHT BepMTb pacnpocTpa- 
HeHHOMy cpeAH Marepux CHcreMHUx aA- 
MMHHCTparopOB MHeHHIO, HTO Ha OCHOBe 
Windows Heab3B cosAarb naAewHOM cere- 
BOH CTpyKTypu. FlonpodyFiTe caMM — h bu 
ydeAHTecb, hto 3to AaaeKO He tbk. 
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r4Q2Prft LAN Juite^QQA 


flaHHbiCi nporpaMMHbm naKer npeflociaBJisieT paaawHHbie ceieBbie 
CepBMCbl M CpeflCTBa HX aflMMHMCTpMpOBaHMfl M >KypHaaMpoBaHMfl, 
aamwmaeT KOMnbioTep OTxaKepoB, cnawa v\ BMpycoB. 3 to xoMn/ieKC- 
Hoe pemeHMe HaBepHBKa 6yflfiT npuBaeKaieabHO aoKaBbHbix ce- 
Teii He6oBbiiiMX npeAnpuBTMM BcaeACiBwe He6oBbmoti coBOKynHoCi 
peHbl BBaABHUfl. C nOMOlAbK) 3T0ti npOrpaMMbI M0>KH0 yCTaHOBMTb 
aaiAMiAeHHbm or HecaHKpMOHMpoBaHHoro Aociyna c noHTOBbiti cep- 
Bep. flociyn k HeMy Mowei ocyiAecTBBBTbca kbk nepes craHAapTHbie 
POP-KBMeHTbi, Tax M HepeB Be6-MHTep(|)etic. VciaHOBKa BxaioHeHHoro 
B AMCTpn6yTMB (jjaKC-cepBepa AacT B03M0>KH0CTb Been noabaoBaie- 
BBM CeiM npUHHMaib M OTnpaBBBTb cjjaKCbl. C nOMOlAbK) K3UlHpyiO- 
lAfiro npoKCM-cepBepa noabBOBaieBU CMoryr 6oaee 3(j)4)eKTMBHO 
McnoBb30BaTb AocTyn b MHTepHei. flaa Hero mo>kho 3aAaib npaBwaa 
IP-4)MabTpapi1M M BaXpblTb Tpa(j)MK abb HeXOTOpblX y3BOB ce™. Ecbm 
y Bac B03HHKHeT nOTpe6HOCTb B He6oBbllJOM MH(j)OpMaAMOHHOM CTpa- 
HMHxe 0 KOMnaHHM, noBe3HbiM OKarxeicB BCTpoeHHbiii Be6-cepBep. 
PlerKMti B Hacipotixe oh noAAeprKHBaer nporpaMMHbie HHTepcjjeMCbi 

Pasted, CGI M IDAPI, 
BHpryaBbHbm xocthht 
M aaiAMiy HHtj)opMapnM 
no npoTOKOBy SSL 
ycnoBim paenpoerpa- 
HeHMfl: trialware 
flabiK MHTepctieMca: 
anmHMCKHii 
CaiiT npoM3BOAMTe/ia: 
www.software602.com 


Ha6op yiMBHT, 6e3 xoropbix He o6oiiAeTCB hh oamh oamm- 
HMCTpaiop ceiM. KawAaB H3 hmx npeAOCTaBBBeT HH(t)op- 
MaL(MK) 0 BOKaBbHOii CHCTeMe, CeieBblX nOAKAIOMeHMBX, 
BKBioHeHHbix cepBMcax M OTKpbiTbix Hopiax Ha yAaBeHHbix 
KOMHblOTepaX, perMCTpapWOHHblX AaHHbIX AOMeHOB 
M 0 MHoroM ApyroM. Taxwe MMeeicB Telnet-K/iMeHT. 
ycjiOBMB pacnpocTpaHeHMH: trialware flabiK iiHTeprtieiica: 
anmHMCKHii CaiiT nponaBOAMTejin: www.ks-soft.net 




rZoneAlarm Pro 4.5 


HeApewBioiAMe xaxepbi CKaHwpyioT ceib b noMcxax naseex Ha Kownbioiep, htoGn noBynwib 
BHHHyio M 4)MHaHcoByio MHrtiopMapMK). fla>Ke o4)MAnaBbHbie Be6-caMTbi McnoBbayioT weio- 
Abi ujnMOHa>Ka, laxwe xax cookies, KOTopbie 0Tcne>KMBai0T Baujy BMMHOCTb m npeAnonieHHB 

B npocMoipe CTpaHHp. A eenw Bbi noAKBioHeHbi 
K BoxaribHoii ce™, to yrposa BTop>KeHMB m ne- 
caHKAMOHMpoBaHHoro AOCTyna k MH(|)opMa4MM 
BoapacTaei WHoroKpaiHO. B tbkmx ycnoBMBX 
He o6oMTMCb 6e3 nporpaMMHoro mma ot aiax 
M3BHe — firewall. OAHa H3 Han6oBee nonynBp- 
Hbix nporpaMM aioro x/iacca — ZoneAlarm. HaAO 
OTMeTMTb, HTO nO CpaBHeHMlO CO MHOrHMM aHajio- 
rHHHbiMM nporpawMaMM ot Apyrwx npon3BOAMTe- 
neii c 6oBbiiJMHCTBOM HacTpoeK ZoneAlarm nerxo 
pa3o6paTbCB. flocne nepBoro aanyexa wizard 
npoBBAeT Bac nepea npopeAypy ycranoBKH naw- 
6onee Ba>KHbix napawerpoB, nocBameHHbix cere- 
BOfi 6e30naCH0CTM. DoMHMO 06blHHblX (jryHXAMM 
OpaHAwayapa Aannan nporpawMa TaK>Ke Mower CKaHMpoBaib 
noHTOBbie cooGipeHHB Ha npeAMer HariMHHB b hmx BpeAOHOCHoro KOAa, Bbipeaaib GaHHepu 
c Be6-CTpaHM4 m npeAOTBpaiAarb ornpaBKy b klHTepHer KOHttiMAeHpMa/ibHOM MH(t)opMa4MM. 
ycaoBMB paenpoerpaHeHMfl: trialware flabiK MHTepc|)eMca: anmMMCKMM CaiiT nponaBOA^- 
TeAB: www.zonelabs.com 


(lPIoolsZ.20 


CoAepwaHne 


CHIB 


SPEC 




#11 


fSoftware Update Services I 


ripMHMHOM B3A0Ma 
KOMnblOTepHbIX 
cereii nacro bbbb- 
ercB HeBHMMa- 
reabHOCTb mbm 
B eHb CMCTeMHOrO 
aAMMHMCTparopa, He yCTaHOBMBmero BOBpeMB xpMTM- 
neexMe sannaTXM m obHOBneHMB Ha cepBepe. Oambko 
oGnoBBeHMB BbinycxaioTCfl nyib nv\ He eweAHeBHO, 
a BMAMMbIX M3 PlHTepHeTa CepBepOB MBM KOMTblOTe- 


poB B BOKanbHOM ceTM npeAnpMB™fl Mower 6birb 
HeCKOBbXO. B CBB3M C 3TMM nOAASpWKa 3aiAMTbl 
Ha AOBWHOM ypoBHe npeapaiAaercB b pyTMHHyio 
M o6peMeHMTeBbHyio pa6ory. ABTOMaTM3MpoBarb 
3T0T npopecc npM3BaH HOBblii MHCTpyMeHT OT 
Microsoft — Software Update Services (SUS). 3tot 
naxer no3BOBBer aAMMHMCTparopy 6bicrpo ycraHO- 
BMTb BawHeiimMe oGnoBneHMB Ha cepeepax, pa6ora- 
xriAMX noA ynpaBBenneM Windows Server 2000 m 
2003, a Taxwe Ha paGoHMX craHpMBX c Windows 2000 


Professional mam Windows XP Professional. Pa6ora 
c SUS BbimBAMTTax: nocne CMHxpoHMBapMM c cepee- 
paMM Microsoft Windows Update aAMMHMCTparop 
Bbi6Mpaer, xaxMe o6HOBneHMB 6yAyr AocrynHbi nonb- 
BOBareriBM. 3areM xoMnbXJTepbi BoxanbHOM ceTM, 

Ha xoTopbix ycTaHOBneH xaneHT Automatic Updates, 
no pacnMCaHMX) noByHaxjT 3tm o6HOBneHMB. 
ycjiOBMB pacnpocTpaHeHMB: freeware 
flabiK MHTepcjseMca: aHrnMMcxMM 
CaiiT nponaBOAiiTeAB: www.microsoft.com 
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HeCMOTp!! Ha TO 
HTO o^epa^noH- 
Has CMCTeMa 
Windows Server 
2003 npeflHasHa- 
HeHa npe>Kfle 
Bcero flan hc- 
noabSOBaHMfl 


B KanecTBe cepBepa, MHome noabaoBaieaM ciaBBT 
ee M Ha oObIHHbie KOMHblOTepbl. OflHaKO pflfl MyabTM- 
MeflMMHblX B03M0)KH0CTeti M npMBbIHHbIX HaCTpoeK 
HHTeprjjeMCa noyMoaHaHMto 3a6aoKnpoBaH. Boab- 
UJMHCTBO 3TMX HaCTpOBK MOWHO cfleaaTb BpyHHyto 


M npeBpaTMTb Windows b nofloOwe onepamioHHOM cm- 
CTeMbi flaa paOoHnx cianmiii. 
flaHHaa nporpaMMa aBTOMaTH3MpyeT 3 tot npopecc 
M CHa6)KaeT noflCKaaiOMH no xarKfloii H3 HacipoeK. 
Tax, HanpwMep, mo>kho OTxaioHMTb HafloeflaiomMii npw 
Ka>Kfloii nepesarpyaxe BBOfl CtrL+Ait+Dei h Shutdown 
Event Tracker. Taxrxe H3 3 toh y™anTbi mo>kho yanaib 
0 coBMecTHMbix c OC aHTHBHpycax, firewall m APyrwx 
™nax nporpaMM wan ycTanoBHTb ciaHflapTHbie wrpbi 
Windows (Aaa aroro noTpeOyeica ahcx Windows XP). 
ycJiOBM!) pacnpocTpaHeHM!i: freeware 
fl3biK MHTepctieMca: amnmcKwiA 
CaiiT npoii3BOA>iTeafi: www.hot.ee/salasource 


fAvant Browser ) 

Ciporo roBopa, Avant Browser He Opayaep, 
a HaACTpoCixa HaA Internet Explorer, npeAO- 
CTaBaaxjiAaa MHorxecTBO yAoOnbix n noaea- 
Hbix B03M0>XH0CTeM. flaa ax)AeCi, axoHOMa- 
lAMX Tparfrnx, noaeaHbiMM 6yAyi XHonxn 6bi- 
CTporo OTxaxjHeHMa/BxaxjHeHMa xapTMHOx, 

(jiasiu-aHMMapmi m BcnabiBaxriAMX oxoh. Bo- 
o6me HyBCTByeTca, hto paapaOoTMMXM yA6an- 
an MHoro BHMMaHna yAoOcTBy nHTep(|)eMca. 

HanpMMep, yAeprxHBaa npaayx) xaaBMiijy 
MbiujM M Ha>xaB aeByx), bn nepeMecTMiecb 
Ha npeAbiAyuiyx) BeO-cipaHnpy. Haaraine 
xaaBMUj B oOpaTHoCi nocaeADBareabHOCTM npMBeAST Bac x caeAyxriAeri cipaHHue. ElporpaMwa paOoTaer 
B MHorooxoHHOM pe>KMMe M OTxpbiBaeT HOBbie CTpaHMAbi BO BxaaAxax. floCTynen pyccxnri MHTeprjjeMC h 
pa3Hoo6pa3Hbie cxmhn. Elpri ycTanoBxe nporpaMMa nonpocMT aanoaHHTb (jiopMy c akiHHoti HH(|)opMami- 
eii M onTHMMCTHHHO 3aBepnT Bac, HTO 3T0 oocaeAHaa rjjopMa, xoTopyx) npMXOAMTca aanoanaTb apyanyx). 
Tax xax Opayaep BxaxraaeT b ce6a AI RoboEorm — MeneA>xep napoaeii m aanoaneHMa (})opM. 3 tot mo- 
Ayab coxpaHaeT HcnoabayeMbie BaMM opn Be6-cep4)HHre napoan m ujn4)pyeT nx. Taxrxe oh aanoanaeT 
4)opMbi, aBTOMaTMHecxH HarxMMaeT XHonxM «Login/Send», renepripyeT napoan. 
ycaoBHB pacnpocTpaHeHMB; freeware MHTepc|}eiic: pyccxnti CaiiT npon3BOA>iTeaa: www.avantbrowser.com 



fFriendlv Chat 4.5.6 'l 

nporpaMMa 
Aaa opraHMsa- 
4MM HaTa B ao- 
xaabHoii ceTn. 

He TpebyeT 
BbiAeaeHHoro 
cepBepa. PlMeeT BCTpoeHHbiii IRC-xaneHT, bbto- 
OTBeTHMX, 3ByxoBbie CMTHaabi, Aocxy obbaBaeHMH, 
aanncHyx) XHn>xxy, rxypHaabi, B03M0>XH0CTb nocN- 
aaTb npMBaTHbie coobmenna n MHoroe Apyroe. 

Tax>xe AOCTynHO boabiaoe xoanaecTBO nacTpoex 
MHTeprjjeMca. PlHTepecHoti n noaeaHoii (jjyHxpneii 
nporpaMMbi aeaaeTca co3AaHne AncTpnbyTMBa aara 
CO CBOMMM cneAM(t)MaecxnMM HacTponxaMM. Taxoti 
AHCTpn6yTHB mo>xho aareM nepeAaTb ApyrnM noab- 
30BaTeaaM aoxaabHoii cern, hto C3xohommt BpeMa 
Ha ee xonijairypnpoBaHMn. 
ycaoBiia pacnpocTpaHeHiia: freeware 
flabiK MHTepc|)eiica: aarnmcmw CaiiT nponaBOAn- 
Tean: www.kilievich.com/rus/fchat 



fyisualRoute 8.0a 

C nOMOlAbX) 3T0ii 
nporpaMMbi aerxo 
yauaTb MapmpyT, 
no xoTopoMy TCP- 
naxeTbi npoxoAar 
OT Bac AO nynxTa 
Ha3HaaeHna. Ha 
xapTe MMpa mo>x- 
Ho yBMAeTb, B xa- 
xoii CTpane pacnoaorxeH xoCTMur Toro nan nnoro Beb- 
caiiTa. nporpaMMa BcrpanBaeTca b Internet Explorer, 
n npoM3BecTn traceroute mo>xho Bceroanujb oahmm 
xanxoM Mbimn. Tomumo 3Toro nporpaMMa OTobparxaeT 
perMCTpapnoHHbie AOMeHHbie AaHHbie, noayaeHHbie ot 
cayrxbbi Whols. BcTpoeuHaa yananra eMailTracker ot- 
caerxnBaeT nyrb npoxorxAeHna e-mail coobmeHnti 
AO npoBaiiAepa noaroBoti cayrxbbi. 
ycaoBMH pacnpocTpaHeHMB: trialware 
fl3biK MHTepc|)eiica: aHranilcxnn 
CaiiT npoM3BOABTeaB: www.v1sualware.com 




fWarflRDaemon 1.^2—) 

Pa3BMBaeMaa 
c 1996 roAa n 
no ceil A6Hb, 

3Ta nporpaM- 
Ma no npaey 
BBaaeTCfl oa- 

HHM M3 HaM- 
boaee nony- 

aapHbix ETP-cepBepoB. OHa obaaAaeT oaeHb bnco- 
xoii cxopocTbX) paboTN M Maao 3arpy>xaeT CMCTeMy. 
OcHOBHaa yTMaMTa, xoTopoii noabayeTca aAMMHM- 
CTpaTop Aaa obcayrxMBaHMa cepBepa, — 3to War 
Daemon Manager. B ee raaBHOM oxne npeAOCTaBae- 
Ha MHijJopMaAMa ob axTMBHbix noAxaxraeHMax, 3any- 
lAeHHbix cepBepax, noabaoBaTeaax m 4)atiaax, Bbiao- 
weHHbix Ha ETP. KpoMe Toro, ecTb yAobubiii User 
Manager. Oh no3BoaaeT aAMMHMCTpaTopy peAaxTM- 
poBaTb CBoiicTBa M npaBa AOCTyna noabsoBaTeaeii. 
UporpaMMy AOBoabHO aerxo ycTanoBMTb m nacTpo- 
MTb. Bam ETP b npocTeiimeM xoncJiMrypaAMM byAer 
paboTaTb y>xe aepe3 naTb MnnyT nocae nncTaaaa- 
AMM. Ecan neobxoAMMO pemnTb boaee caorxnyx) 3a- 
Aaay, TO Aaa McxymeHHbix noabaoBaTeaeii War FTP 
npeAOCTaBaaeT orpoMHoe xoanaecTBO nacTpoex 
no aBTopnaapuM, rxypHaanpoBaHMX) n noBbimeHMX) 
np0M3B0AMTeabH0CTM cepBepa. 
ycAOBMH pacnpocTpaHeHMa: freeware 
flabiK MHTepctieiica: anraMMcxMM 
CaiiT npoM3BOAMTeaa: www.jgaa.com 



AAMMHMCTpMpOBaHlie: 


ServersCheck SE, Remote Desktop Connection, Resource 
Kit Tools, Servers Alive 4.0.1376, VisualRoute 8.0a, Web 
Application Stress 1.1, Angry IP scanner 2.20, 
CommTraffic 2.02, Application Compatibility Toolkit 3.0, 
Administration Tools Pack v. 3790, IP Tools 2.20, Aida32 


EeaonacHOCTbi 


ZoneAlarm Pro 4.5, Norton Internet Security 2004, Tiny 
Personal Firewall 5.0, Armor2net Personal Firewall 3.12, 
602Pro LAN Suite 2003, Kerio WinRoute Firewall 5, Eset 
N0D32, F-Secure Anti-Virus 5.41, F-Secure Policy 
Manager, F-Prot Antivirus 3.14, TrendMicro Server 
Protect 5.5, Access Manager 1.3, Digital Identity 1.0.18, 
Zero Footprint Crypt 3.0, 



Software Update Services, War FTP Daemon 1.82, MySQL 

4.0. 17 for Win32, Encrypted FTP 3.1.4.84, Apache 

2.0. 48, Xitami 2.4dl0, Copernic 2.01 



Friendly Chat 4.5.6, mIRC 6.12, ICQ Pro 2003b, Bersirc 
1.40, Intranet Chat 1.20, Miranda 0.3.2 


BoHyc; 


Win 2003 Optimize Tool 1.44, Tune Up Utilities 2003, 
Your Uninstaller! 2003, Tweak UI, Acronis PartitionExpert 
2003, Style XP, MyIE2 0.9.12, Opera 7.23, Avant Browser 
8.02, AceFTP 3.01.0, WinHT Track Website Copier 3.30, 
Java Runtime Enviroment 1.4.2, IZArc 3. 4.1. 5, ZipGenius 
5, PicoZip 2.8, MakePDF for Word 5.0, Visio Viewer 2003, 
Advanced Effect Maker Freeware Edition 1.0, Hexplorer 
2.17, IsoBuster 1.5, Asterisk Key, Winamp 5.01, Blaze 
Media Pro 5.0 



Ha6op obHOBiieHUM, DirectX 9.0b, MSXML 4.0 


ApaiiBepbi; 


NVIDIA, ATI, Iomega 
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CoeAHH5IH 

II BiiacTByM 

CePiMac, b bgk MHcjDopMauuM, ciaHOBjiTCB Bce 6 o;iee aKiya/ibHbiMM npo- 
6 ;ieMbi, CBjiaaHHbie c >Ke;iaHneM npocibix no/ibsoBaie/iePi HMeib Aociyn 
K pas/iuMHbiM ceieBbiM nHcjDopMaunoHHbiM pecypcaM. Bce b 6 o;ibiueM ko- 
/iMMecTBe paPioHOB Mockbbi (h He to/ibko) nojiB/iyiiOTcyi ;ioKa;ibHbie cein, 
o 6 'beAHHfiioiAMe Aowa m pe;ibie y/iMpbi. 


H to HywHo CAe/iaTb, ec/in B03HHK/ia 
Heo6xOAMMOCTb nOCTpOMTb B 0(J)MCe 
MjiM noAtesAe ;ioKa;ibHyio ceib, 3a- 
nycTMTb Be6-cepBep? Ec/im Baw Hapo npeAo- 
craBMTb B o6iAee no;ib30BaHMe 6o/ibujoe ko- 
;iMHecTBo (jjaMJioB, npuHTepoB, o6ecneHHTb 
HaAJie>KaiAyK) aaiAnry kbk ot BTop>KeHMfl m- 
BHB, TaK M OT MBKOppeKTHblX ASMCTBUii HO/lb- 
30BaTe/ieM, m wHoroe Apyroe? PemeHne 6o;ib- 
muHCTBa 3TMX aapaH ;io}KMTCJi na n;ieHM cep- 


BepHblX OC, pa3;iMHHblX BapnaHTOB KOTO- 
pbix ceMHac cyiABCTByei AocraTOHHo mhoto. 

Ho ceroAHJi mw 6yABM roBopuTb o Microsoft 
Windows Server 2003. flonpodyeM paso- 
OpaibCfl B TOM, HTO Hy>KHO paOoTbl 3TOM 
CMCTeMbi, M onpeAeriMM onpaBAaHHocTb ee 
MCno/ib30BaHnn b pasjiMHHbix cuTyaAnnx. 

B KanecTBe cepBepHoii OC Windows Server 
2003 Bbidpana naMW no neCKonbKMM npnnn- 
HaM. Bo-nepBbix, 3to caMas cBerKas n coBpe- » 
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fl;in cepeepa Hana/ibHoro ypoBHn noAOMAer naara, nocTpo- 
eHHan c HcnoabsoBaHHeM HHnceTa Intel 865PE 


Ecnn cepBep ocHaiiteH npoLteccopoM AMD, ctoht o6paTHTb 
BHHMaHHe Ha n/iaTbi c HnnceroM NVidia nForce 2 



» MeHHaa OC, HTo yme cawo no ce6e BbiabiBaer k 
H6M nOBbimeHHblM HHTepeC. Bo-BTOpbIX, OCHOB- 
Hoii ee KOHKypeHT Linux c/iownee b nacTpon- 
K6 M McnoabaoBaHMM, hto cobcbm ne roBopnr 
0 6oabmeM nafleWHOCTM n npon3BOflHTeabHO- 

CTH raKMx cncreM. B KanecTBe npnwepa mowho 
npwBecTM c/ieAytomne flannwe — peayabiaTbi 
neaaBMCUMoro cpaBHnreJibHoro TecTnpoBannji 
Windows NT 4.0, Red Hat Enterprise Linux ES 
2.1 M WS 2003 noKaaaau npenMyipeciBo no- 
caeflHeii b nponaBOflUTe/ibnocTu na 50-100%. 
BneHaTrunoipnM peaynbrar. He wenee KpacwBo 
BbiraflAMT npuMep u c /Iohaohckom 6»pme», rAe 
noA ynpaBnenneM w2k3 paOoraioTTbicjiHM rep- 
MMua/ioB M npu 3TOM aanasAbiBanne oToOparxe- 
HMfl MHrjropMapmi na KarxAOM na hmx ne npe- 
Bbimaei oahom cexyHAbi. 

licTopiin pasBMTiin 

CeMeiicTBo Windows Server 2003 — aro 
AajibHeiimee paaBmne naaicfiopMbi Windows 
Server 2000. Ho, BnepBbie nocMoipeB na 
MHTep(|)eMC HOBoii CMcreMbi, neBo/ibno no- 
BMiub ce6a na tom, hto rAe-TO 3to yrxe BWAea. 
M AeiicTBMTeabHo, noHTn nonnoe cxoactbo c 
Windows XP (ocoOenno ecan b XP OTKnioHMTb 
CTMan oToOparKennji). KoneHHo, ne ctomt aa- 
ObiBaTb 0 tom, hto b cepBepnoM OC npncyT- 
cTByeT 6o/ibmoe KoannecTBo cneLtnaaManpo- 
BauHbix cayrxO, n o tom, hto nocae BwxoAa 
Windows XP peryaapno BbinycKaancb paaann- 
Hbie McnpaBaenna k 3tom cncTeMe (TaKWM o6- 
paaoM, ToabKo hto ycTaHOBaennaa w2k3 na- 
AerxHee n ycTOMHMBen, hbm Taxaa rxe XP, 

B MAeaae, KoneHHo). PaapaOoTHMKn nonwTa- 
ancb CKpecTMTb ypoOcTBO n HaAewHOCTb 
Windows XP c secbMa ycnemnoM, ho «Ta>Ke- 
aoM» cepsepHOM naaTc()opMOM w2k. Hapo 
cxaaaTb, hto 3to noHTn noayHMaocb, m neao- 
Bexy, MMexMAeMy onbiT paOoTw c w2k (a ayn- 
me c XP), 6yAeT AOBoabHo aerxo ocBOMTbca 


C HOBOM OC. XoTB, XOHeHHO, eCTb HOXOTOpbie 
oTaMHMa M HOBbie TexHoaorwM. 

Windows Server 2003 BbinycxaeTca b ne- 
Tbipex Bepcwax, xoTopwe nocTpoeubi c mc- 
noabaoBaHMeM oahoto peHTpaabHoro appa, 

HO npeAHaananenbi pj\!\ BbinoaneHMa paaawH- 
Hbix aaAan. PloApoOHoe onMcanne xarxAOM na 
HMX MorxHo HaMTM B caeAyxHAeM cTaTse. 

Mbi )xe B xanecTBe npuMepa 6yAeM pac- 
CMaTpMBaTb BepcMX) Standard Edition xax na- 
MOoaee yAoOnyx) m papMonaabHyx) b caynae 
ynpaBaenna nedoabiuMMn ceraMM. 

Bbi6op KOH(|>iirypai 4 iiii 

Ho AaHHbiM caMoii Microsoft, Aaa aanycxa cmc- 
TeMbi (MMHMMaabHO HBoOxoAMMaa xoH(|)Mrypa- 
pna) Ha 6aae Server 2003 AocTaTOHHo Pentium 
(nan anaaorMHUbiM nponeccop ot AMD) 

133 Mfp M 128 MOaiiT onepaTMBHoii naMaTM. 
KoHeHHo, 3TO 6oabme noxorxe na Teopnx), Tax 
xax Ha npaxTMxe bw, MorxeT, m aanycTMTe cm- 
CTeMy Ha TaxoM annapaTHOM oOecneneHMM, 

HO AodMTbca oT Hee Hero-anOo ToaxoBoro ne 
yAacTca. Boaee npaBAonoAodno BwraaAaT pe- 
xoMeHAyeMbie xapaxTepncTHXM: Pentium 
550 Mfu M 256 M6aiiT 03V. flpMBeAeHHbie abh- 
Hbie cnpaBeAaMBbi Aaa Standard m Web Edition 
M naaT())opM na 6aae x86-coBMecTMMbix npo- 
peccopoB. flaa Bcex BepcMir noTpebyerca ot 
1,5 AO 2 rbaMT AMCXOBoro npocTpancTBa. Cto- 
mt noMHMTb, HTO B 6oabujMHCTBe cayHBeB Aaa 
HOpMaabHOM pa6oTbl HeobxOAMMO «yMHO- 
)XMTb» pexoMeHAyeMbie TpeboaaHMa na Asa. 
TaxMM obpaaoM, Aaa aanycxa m noaHopeHHOM 
paOoTbi cpeAHecTaTMCTMHecxoro cepaepa 
w2k3 HeobxoAMM xoMnbxrcep Ha 6aae npopec- 
copa Pentium ot 1 Tfp c 512 M6aMT naMaTM 
M OT 4 T6aMT AMCxoBoro npocTpaHCTBa. 3 to He 
Taxyrx mhoto na ceroAHaiuHMM ashb m ne 
CMabHO OTaMHaeTca ot TpeboBaHMM, npeAtae- 
aaeMbix Windows 2000 Server. 


riepeA TeM xax nanaTb ycTanoBxy hobom 
CMCTeMbi, caeAyeT yOeAMTbca b tom, hto anna- 
paTHaa nacTb xoMnbXJTepa coBMecTMMa c ho- 
bom OC. VaHaTb 0 cobmoctmmoctm c Windows 
Server 2003 paaaMHHwx ycrpoMCTB mo>xho ms 
Hardware Compatibility List (HCL), xoTopbiM 
pacnoaorxeH na caiiTe Microsoft. 

B xanecTBe npMMepa mo>xho npMsecTM 
xoHrJjMrypapMX) xoMnbxrTepa Aaa Mcnoabao- 
BaHMa B xanecTBe xoHTpoaaepa AOMena, 
(Jraiia-cepBepa m cepeepa nenaTM (rax >xe 
MorxHo aanycTMTb na HeM maxra AocTyna 
B HHTepneT). floMHa o npaanae «yMHo>XMTb 
Ha AB3», 6yAbTe roTOBw x TOMy, hto BaM no- 
HaAobMTca 512 m 6oaee M6afiT onepaTMBHOM 
naMaTM. Tohhwm ee o6i.eM aasMCMT ot xoh- 
xpeTHbix aaAUH m xoaMnecTBa noabaoeaTeaeM 
B ceTM. HanpMMep, na ceTb, xoTopaa coctomt 
Ma 25 MaujMH, rAe cepsep Mcnoabayerca xax 
xoHTpoaaep AOMena, maxra m (JraMa-cepBep 
(BoaMorxHo m xax cepsep nenaTM), 512 M6aMT 
6yAeT Bnoane AocTaTOHHo. Ecan bh npeAno- 
aaraeTe McnoabaosaTb cepeep TepMMHaaoB, 

TO naMaTM noHapoOMTca 6oabiue. ObteM >xe- 
cTxoro AHCxa He Tax sarxen — Bce aaBMCMT 
OT xoaMHecTBa MHtJjopMapMM, xoTopyx) Bbi by- 
AeTe xpaHMTb na cepeepe. 

Ocoboe BHMMaHMe ctomt yAeaMTb Bwbopy 
MaTepMHCxoM naaTbi m xopnyca. flpM Bwbope 
xopnyca caepyeT obpaTMTb BHMMaHMe Ha xane- 
CTBO CMCTeMbi oxaa>xAeHMa m HaAerxHocTb bao- 
xa HMTaHMa, Tax xax cepaep, b oTaMHMe ot pa- 
boHeii CTaHpMM, npaxTMHecxM HMxorAa He 
BbixaxrnaeTca m paboTaeT ropaaAo boabiaee xo- 
aMHecTBo BpeMeHM. Ctomt obpaTMTb BHMMaHMe 
Ha npoAyxpMX) ASUS Man ThermalTake. Boaee 
AeiaeBbie, ho naAerxHbie xopnyca AeaaeT xoMna- 
HMa Inwin. HacTo na MaaepMHCXMx naaaax npM- 
CyTCTByXTT BCTpoeHHbIM CeTOBOM XOHTpOaaep 
M Serial ATA Man npoCTO IDE RAID-xoHTpoaaep 
M cereBOM aAanrep. 3tmm mo)xho BwroAHo boc- » 
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» no;ib30BaTbCfi. Hcno/ib30BaHne RAID-waccuBa b 
c;iyHae c cepsepoM 6o;iee hbm onpaBflaHo. Kbk 
ywe roBopn/iocb, cepBep pa6oTaer 6o/ibiue, hbm 
B ce ocra/ibHbie KOMnbiOTepbi b cern, m HarpyaKa 
Ha flMCKOByio nopcMCTeMy flocTaroMHo Be/inKa, 
HTO yBe/IMHMBaer BepOBTHOCTb BbIXOfla )KeCTKHX 
flMCKOB M3 crpofl. H K3K C/ieACTBMB 3Toro — 
ocraHOBKa cepBepa, a bo3mo>kho, m norepB ash- 
Hbix. RAID-waccMB m cymecTByer pj\!{ roro, hto- 
6bi M36eraTb noAoSHbix HenpMflTHocreM; cawbiii 
npocTOM BapMaHT era Mcno/ib30BaHMji — rax 
Ha3biBaeMoe aepKajiMpoBaHMe. 3tot pewMM pa- 
6oTbi npeACTaB/iBer co6oii CMcreMy m 3 HecKOJib- 
KMX WeCTKMX AMCKOB, MH(j)OpMaAMfl H3 KOTOpbIX 

Ay6;iMpyeTCB. H b c/iynae ho;iomkm oahofo 
M3 HDD, BXOAJupero b t3kom waccMB, bckj h6- 
o6xOAMMyK) MHtJjOpMaHMK) MO)KHO HpOHMTaTb 
c Apyrara. EcTb eipe oah 3 xMipocib, cBflaaHHas 
C WeCTKMMM AMCK3MM. PeKOMeHAyeTCB Mcno/lb- 
30B3Tb A/1» yCTaHOBKM CMCTeMbI M HO OAMH 
AMCK M/1M pa3Ae/i, a A-H51 xpaHeHMfl paHHUx Apy- 
roM. Tax Bbi ySepewere ce6B ot npo6;ieM, cbb- 
aaHHbix c nepeycraHOBKOM cMCTewbi, m/im b c;iy- 
Hae cepbe3Hbix Heno/iaAOK b ee pa6oTe, Korpa 
B03HMKaeT Bonpoc: «A xyAa we 6biCTpo coxpa- 
HMTb T3KOM o6'beM MH(J)OpMai4MM?» 



TaK K3K cepsep npaKTHHecKM HHKorAa 
He BbiKaiOHaeTcn, c;ieAyeT oco6oe 
BHHMaHHe YAe/iMTb 6;ioKy nHTaHHd 


0ah3ko, K3K noKaabiBaer npaKTMxa, MHier- 
pMpoBaHHbie Ha MaiepMHCKyK) n/iaiy RAID- 
KOHTpo;i/iepbi name Bcero pa6oTaioT neycroM- 
HMBo. Huenno noaioMy mowho nopexoMeHAo- 
B3Tb Mcno/ib30BaTb H3 cepBepe Aono;iHMTe/ib- 
Hbie RAID-xoHTpo/ 1 /iepbi (xax npaBM/io, PCI- 
HJiaTbi). CpeAM HMX xopomo noAOMAyT A-fiJi 
cepBepa Hana/ibHoro ypoBHH moab/im, no- 
cTpoeHHbie Ha 6a3e hmhob Promise PDC 20376 
M HighPoint HPT374. 

A HTO we MaTepMHcxMe njiaibi? fl/ia co3Aa- 
HMB Hennoxoro cepBepa HanaribHoro ypoBHH 
npaxTMHecxM MAea/ibHo noAOMAyT MarepMH- 
cxMe nnaibi, nocrpoeHHbie na 6aae HMnceroB 
Intel 875P m/im 865PE. He ctomt Mcnonbao- 
B3Tb 6onee Aoporne cepeepHbie nnarw b ao- 
waiiJHMx ycnoBMfix. 3to ne onpaBAaei aarpa- 
HeHHbix Aener. Ho b tom cnynae, ecjiM Bama 
ceTb HywAaeTCB b cepBepe Bwcoxoro ypoBHsi, 
nyHiue Bcero npMCMOTpeTbcn x nnaTaM na 
HMHceTax Intel E7501 m Intel E7505. 

0 npoAyxpMM xoMnaHMM AMD Towe nenban 
cxaaaTb HMnero nnoxoro. Windows Server 2003 
6yAeT npexpacHo paOoTaTb na 3 tom nnaT(|)opMe. 
B xanecTBe MarepMHCXMx nnar Ann npopecco- 
poB AMD MMeeTCMbic/1 Mcno/ib30BaTb nocTpoeH- 
Hbie Ha 6aae HMnceTa NVidia nForce 2. Pens, 
ecTecTBeHHo, mabt o 32-pa3pnAHbix npopecco- 
pax. XoTB ceMHac AocTynnsi m pemenMn na 6aae 
64-6MTHWX Athlon 64 m Opteron. PIpM Mcnonb- 
30BaHMM 64-pa3pnAHbix npopeccopoB nonaAo- 
6 mtcji nnara na HMnceTe NVidia nForce 3. 

EcTb eipe OAMH Bawnwii xoMnoneHT 6y- 
Ayipero CMCTeMHoro 6noxa — naMfiTb. Onenb 
HacTo HecTaOMnbHan pa6oTa CMCTeMw BwaBa- 
Ha MweHHo HexanecTBenHOM naMSTbx). PIpM 
noxynxe xoMnnexTyxripMX hboOxoammo o 6- 
paipaTb oco6oe BHMMaHMe na mx xanecTBo. 
rioMHMTe, HTO Ann cepaepa rnaBHoe — 
HaAewHocTb M CTa6M/ibH0CTb B paOoTO, 


no3TOMy Bbi6MpaMTe npoAyxpMX) ot MsaecT- 
Hbix M npoBepeHHbix npoM3BOAMTeneii. 

C APyrOM CTOpOHbl, B 6M3HeC-CMCTeM3X, 
ocfiMcax M Be3Ae, rpe TpeOoBaHMn x aa 6 mb- 
HOCTM M HaAewHocTM 6onee bwcoxm, newenM 
B AOMaiuHMx ycnoBMnx, anonne norMHHo OypeT 
npMoOpeCTM roTOBbiM cepaep ot MsaecTHoro 
npoM3BOAMTe/in. fleno b tom, hto TaxMe xom- 
nbXTTepw MSHananbHo opMeHTMpoBanbi na no- 
Ao6Hbie 3aAaHM. C OonbinoM aeponTHocTbX) 
MowHo cxaaaTb, hto ohm 6yAyT paOoTOTb Aon- 
ro M HaASWHo. K TOMy we bw nonynaeTe non- 
HopeHnyx) TexHMHecxyx) noAAep>Kxy ot npo- 
M3BOAMTenn, hto npnnTHo. CaMOMy coOpaTb 
cepaep m 3 xoMnnexTyxripMx, onMcaHHwx bw- 
me, Towe mowho, ho onpasAano To/ibxo b tom 
cnynae, ecnM bw xopomo 3HaeTe, Hero xotmto, 

M He MoweTe h3mtm noAxoAnipyx) roToeyx) 
xoH(|)Mrypa4MX). PIpM 3tom ctomt ocoanaBaTb, 

HTO CTOMMOCTb T3XOM CMCTOMbl He 6yAeT CM/lb- 
Ho OTnMHaTbcn OT roTOBoii, a npoTecTMpoBaTb 
M noAoOpaTb Bce annapaTHwe cocTaB/mxriAMe 
Tax, xax 3TO AenaxjT xpynnwe npoM3BOAMTe/iM, 
6yAeT AOCT3TOHHO cnowHo. 

CereBoe o6opyAOBaHiie 

rionpo6yeM cxeMaTMHHo npeACTaBMTb ce6e 
npopecc ycTanoBKM HeOonbuioM noxanbHoii ce- 
TM noA ynpaeneHMeM cepeepa na 6aae Windows 
Server 2003 c bwxoaom b l/lHTepneT b ycnoBMnx 
noATiesAa. PIpeAnonowMM, hto b noAtesAS mmo- 
eTcn nnTb xoMnbx)Tepoa. A Tax we AoroBopMM- 
cn, HTO 6yAeM cTpoMTb ceTb na 6aae npoBOAHoii 
TexHonorMM Ethernet no xnaccMnecxoM cxeMe 
«3Be3Aa». BaM nonaAoOnTcn ceTeewe xapTw, 
ceTeBOM xoMMyTaTop (switch) m/im xoMpeHTpa- 
Top (hub), onpeAeneHHoe xonMnecTBo xa6e/in 
TMna BMToii napw (/lynuie nnTOM xaTeropMM) 

M xoHHexTopw RJ-45. Ha oamh m3 xoMnbx)Te- 
poB, xoTopwM Bbino/iHneT ponb cepaepa m boa- » 
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CeTCBbie KapTbi DFE-530TX npoHSBOACTBa KOMnaHMH D-Link, 
MO>KHO Hcno;ib30BaTb B CBTAX ;iio6oro pasMepa m Tuna 



fl;in yBe;iMHeHiin KO;mHecTBa noproB mo>kho HcnoabsoBaTb 
xa6bi. HanpHMep, 8-nopTOBbiii xa6 D-Link DES-1008D 


» K/iioHeH K HHTepHery, Hymno ycraHOBUTb OC 
Windows Server 2003. Ha neM flonwHbi npn- 
cyrcTBOBaib flee cereBbix Kapibi, oflna na ko- 
Topbix 6yfler oOpamena k noKa/ibHoii cern, 
a APyrafi k npoBaiiAepy, npeACCTaenjiHaiAeMy 
Aocryn b HHTepneT. EcrecTBenHo, hto b aaBn- 
CMMOCTM oTTwna noAKmoHeHMJi k neny Bwe- 
CTo cereBoii Kapibi worKer 6biTb ncno/ibao- 
Bano Apyroe cereBoe ycrpoPiCTBo (xDSL, 
oObiKHOBeHHbm MOAeM M npoH.). Ec/in >Ke 
cepBep He OyAer nenjiTbCJi poyrepoM, to ecib 
Her HeoOxoAHMocTM b npeAocTaBneHMM ao- 
CTyna kbk caMowy cepaepy, rax m ero K/ineH- 
T3M B l/lHTepHeT, TO BTOpOM COTeBOM MHTep- 

(Jjeiic He noHaAoOMTCfl BooOiAe. 

Ha MMeroiAMxcB b npoAawe ceTeBwx xapT 
MO)KHO BblOpaTb nioObie OT T3KMX HpOMaBOAM- 

Te/ieii, K3K D-Link vim 3Com. HanpMwep, DFE- 
530TX OT D-Link — €10 vijivi cepMB 3Com 90x 
no Liene ot €12 ao 25. ilocneAHMe HecKonbxo 
Aopowe, HO o6naA3K)T OonbiiiMM KonwHecTBow 
noAAepwMBaewbix TexHonorwH. B xanecTBe 
KOMMyTaTopa vim KOHLieHTpaTopa mowho 
M cnojibaoBaTb nx)6bie noAxoAmAwe no Konw- 
HecTBy nopTOB vi CKopocTM CBBaM oTTex we 
npoMaBOAMTe/ieii. Ec/im bbm nywHo Oonbinee 
KonMHecTBo nopTOB, new MoweT npeAocTaBMTb 
OAHO yCTpoiiCTBO, Bbl MOWeTe COeAMHMTb He- 
CKonbKo cBMHeM Vim xa6oB BwecTe. B no- 
cneAHeM cnynae cKopocTb nepeAaHw ashhux 



Cbhh Surecom EP-808SX 10/100 M6 mt 


6yAeT cwnbHo naAaTb npw pocTe xonwHecTBa 
XaOoB. CtOMT oOpaTMTb BHMMaHWe Ha T3KMe 
MapKM, K3K Surecom vi Compex, Arm neOonb- 
lUMx ceaeii aao onenb nen/ioxoe pemeHMe aa 
CKpoMHbie AeHbTM. HanpHMep, npocToii ne- 
ynpaenneMbiM cbhh na 24 nopaa ot xoMnaHMM 
Surecom (EP-824DX) bw CMOweae Kynnab 
Meubiue HeM aa €90. A aaoro ywe xBaana na 
HeOonbiiJOH o(|)HC. Ec/im Ko/iMnecTBo xoMUbio- 
aepoB B oiJiMce 6o/ibme 24, mowho ncnonbao- 
B3Tb xa6bi A/ifi oTAe/ibHbix rpynn nonbaoBaae- 
/leii. rioAOHAya m He6o/ibUJHe cbmhm ottom we 
Surecom — EP-808SX 10/100 M6mt, BoceMb 
nopaOB, CTOMMOCTblO OKO/10 €20. 

BbiSop MewAy KOMMyaaaopoM vi KOHAeuapa- 
TOpOM aaBMCMT OT BaiUMX (jlMHaUCOBblX BOa- 
MowHocaeii m wenaHua no/iynnab onpeAe/ien- 
Hbiii peaynbaaa. BaAana xa6a — npuHaab naxea 
M paaMHowMTb e/o no BceM nopaaM, Aa/iee pa- 
6oHMe caaHAHM C3 mm paaOepyacs, KOMy m hto 
npeAHaanananocb. Cbhh paOoaaea no-ApyroMy. 
Oh npMHMMaea naxea m nanpaB/mea ero b tot 
nopa, K KOTopoMy noAxmonen nonynaaenb. Ta- 
XMM oOpaaoM, npn McnonbaoBaHMH CBuna, bbi 
no/iynnae 6onbuiyx) nponycxnyx) cnocoOnocab 
H MeHbiiiyx) aarpyweHHocTb cean, hbm b c/iynae 
c xaOoM, a aax we cMoweae c MeHbiuHMM noae- 
pBMH npoBOAHTb paciuMpeHMe Bameii cean. 

Ho M oOoMAeacfl aao neMHoro Aopowe. 

Kax BMAHo M3 npMBeAeHHoro npMMepa, co- 
3Aaab HeOo/ibiijyx) LAN c bwxoaom b klHaepHea 
He aax c/iowho. A yuMabiBan bobmowhoctm m 
npocToay nacapoPixM w2k3, aaAana caanoBMa- 
CJi eiAe 6o/iee npocaoM. 

BMAbl KjmeHTOB 

Ho ceab — aao He aonbxo cepeep, npoBOAa 
M APyroe naccMBHoe mvi axTMBHoe oOopyAo- 
BaHMe. B Heii aax we npMcyacTByxiT paOoHMe 
caaHAMM. klAeanbHbiM x/iMenaoM a/ui Windows 


Server 2003 BBnneacB Windows XP. Ho He mc- 
xnxiHena BoaMowHocab McnonbaoBaHMs aaoM 
CMcaeMbi M B cwemaHHbix reaeporeHHwx ceanx, 
TAe ecTb xoMHbXJaepbi c paanbiMM OC. C btmm 
cepBepoM Morya paOoaaab Macintosh, Linux 
M 6onee caapue BepcMM cawoPi Windows, flns 
paSoTbi c Macintosh b CMcaeMy Bcapoena noA- 
Aepwxa npoToxo/ia Apple Talk. A b tom cnynae, 
ecnM cpeAM x/iMenaoB w2k3 npMcyacTByxiT aa- 
XMe, xoTopbie paOoaaxiT na OC Linux, hboOxoam- 
Mo pasBepuyab na hmx CMCaeMy SAMBA, xoaopas 
noaBOBMT BaaMMOAeiicTBOBaTb MewAy co6om 
AByM 3TMM OC. Hcno/ibayn we b xanecTBe x/im- 
eHTOB Windows 9x m^m Windows Millennium, 

Bbl nmuMaecb no/iHOL(eHHOM noAAepwxM aomb- 
HOB. ripM Mcno/ib30BaHMM cepBBpa aepMMHanoB, 
B xanecTBe paOoHMx caaHAMM mowho BwOpaab 
TOHXMe xnMeHTbi MnM ManoMoiAHbie xoMnbxjae- 
pw c ycaaHOB/ieHHOM Windows 98. B noc/ieAHeM 
BapnaHae Ha xnMenacxyx) Mauinny hboOxoammo 
ycaaHOBMTb xnMena cepaepa aepMMHanoB, aa- 
rpyaoHHbie AMCxeaw xoaoporo mowho CAenaab 
Ha cepaepe. Hacao A/m paOoabi tohxmx x/imbh- 
TOB Ha cepBep nywHo ycaaHOBMTb (jiMpMeHHoe 
no, oOecneHMBaxHAee noAAspwxy aepMMHa/ib- 
Horo pewMMa. Bee aaBMcna oa BaiuMx Ae/ieii, 
MMexiiAerocji oOopyAOBaHMB m cpeACTB. klHane 
roBopn, Windows Server 2003 BB/ifleacji Bno/iHe 
yHMBepca/ibHOM cepeepHOM OC. 

SaKJiiOHeHiie 

B oOiABM, HOBaji paapaOoTxa Microsoft no/iyuM- 
nacb BecbMa m aecbMa yAanHOM. B peay/ibaaae 
cxpeiAMBaHMB nonbaoBaae/ibcxoM Windows XP 
M cepBepHOM w2k noBBM/iacb yAoOHan b mc- 
no/ibaoBaHMM m HaAewHan cMcaeMa. Windows 
Server 2003 AocaaaoHHO npocaa b ocbobhmm, 

B HBM CM/IbHO nOMOraBT ee APyWeCTBeHHWM 
M MHTyMTMBHO nOHJITHblM MHTepc()eMC. 

■ ■ ■ Ajiexcevi Arees 
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0 C 



OT Microsoft 


B anpe;ie 2003 roAa cjDMpMa Microsoft Bbinycin/ia Hoeyio Bepcmo cepBep- 
HoPi onepapnoHHoPi cucieMbi — Windows Server 2003. floc/ie BbixoAa 
B CBei Windows XP, Koiopan nB/innacb cncieMoPi A^n padoMMx ciaHAMPi, 
nonB/ienne HOBoPi cepBepnoPi OC, kohomho >Ke, orKMAanocb. 


HoBoe — 3TO xopomo 
nepeAenaHHoe crapoe! 

CyAfl no Bcewy b pa3pa6oTKy Windows Server 
2003 Microsoft B/iown/ia Konocca/ibHwe 
flenbrn n eme 6o/iee Ko/iocca/ibHwe ycnnnfi. 
rio nepBbiM BneHaTfieHMjiM npoAyKi nojiynnn- 
cn AencTBrneribHo BWAaioiAMMCJi. iloHjiTHo 
M we/iaHMe Microsoft bcomm cnnawn npo- 
ABwraTb ero na pbinoK. flocne BwxoAa hobom 
onepaAMOHHoii cncreMbi, nojiynnBiaeM naaBa- 
nne Windows Server 2003, b Mockbb nonrn 
n\o 6 o\A wenaioiAMM Oecnnarno Mor no/iynnib 
osnaKOMmeribHyio Bepcnio aioro nporpawM- 
Horo npoAyKTa co cpoKOM AefiCTBMji 180 nnn 
360 Anefi. Bonee loro, b HeKOTopwx nnrep- 
neT-Maraannax oaHaKOMMTenbHan Bepcnn 
Windows Server 2003 npoAaea/iacb n npoAa- 
erce Bcero aa 1 Aorinap! PacnpocTpanrincfl nn 
xoTb OAMH npoAyKT OT Microsoft noAoOnbiM 
oOpaaoM? EcTecTBenno, cio/ib aKiMBHo npo- 


ABMraeMan cncieMa ne Morna ne npne/ienb 
namero BHnManmi. floaiowy naw xore/iocb 6bi 
noroBopMTb 0 TOM, HTo we npeACTaB/ieeT co- 
6oii 3TOT 4)/iarMaHCKMM (no BbiparKennio 0/ib- 
™ AeprynoBoii, maBw npeACTaenTenbCTBa 
4)MpMbi Microsoft B Poccmm) npoAyKT. 

Aannaji OC fiBJineTCfi ne hobom paapa- 
OoTKoii, a peaynbTaTOM paaBMTMfi npeAWAy- 
lAMx cepaepHbix oneparinoHHbix cmctcm. 

3to cneAyeT na Toro, hto b npecc-pe/inaax 
M AOKyMeHTax Microsoft ncnoribayroTCJi cno- 
Ba «enhanced» n «improved», a oTHioAb 
He «new». B HeKOTopwx cbomx AOKyMen- 
Tax Microsoft oTKpoBeHHo aasB/ifieT, hto 
W indows Advanced Server, Limited Edition 
BB/iflncfl oAHoii M3 «npMCTpe;ioHHbix» Bep- 
CMM Windows Server 2003. 

H 3TO xopomo noTOMy, hto modan HOBan, 
HanMcaHHan c Hynn nporpaMwa BcerAa m3o6m- 
ayeT paaaMHHoro poAa omnOKaMM, HeAOAea- » 


CHIP 


SPECIAL 


N5 1 1 



HOBaa cepeepHafl OC 11 


» K3MM, HecooTBeTCTBMJiMM. B flaHHOM cjiyHae 
Mbi no/iyHn;iM npoAyKT, y>Ke npomefliauM npo- 
BepKy 6 o6m m He KMmaiMMM omM6KaMn. 

Windows Server 2003 jiBMaacb nepeoM 
onepapMOHHOM CMCTeMoii, cocraBHOM na- 
cTbK) KOTopoii jiB/ijieTCJi n/iaT(|)opMa .NET 
Framework, flo aroro npw menanviw nopaOo- 
TaTb B .NET ee npMxoflkiaocb ycraHaBJiMBaTb 
;im6o K3K OTfleabHbiii npoflyKT, /im6o k3K 
HacTb flpyroro npoAyKia, HanpMMep Visual 
Studio .NET. K newy aro npMBOAMno? Tlio- 
6oii nporpaMMMCT, HanMcaBiuMM paccHmaH- 
Hyio Ha paOoTy b .NET nporpaMMy, AoarKen 
6bm c Heii pacnpocrpaHSTb m .NET Frame- 
work. Tenepb o tom, hto BMecre c npo- 
rpaMMOM Hapo nocraB/uiTb eipe m n/iar- 
(|)OpMy, MO)KHO aaObITb. 

He/ib3fl He aaMeTMTb m nopaaMieribHyio 
HeTpeOoBare/ibHocTb CMcreM ceMeiicTBa 
Windows Server 2003 k pecypcaM, hto 
xopomo BMAHo M3 Ta6n. 1. 

Hto HOBoro noAopiiT 

HOM Microsoft? 

l/lTaK, KaKMe >Ke HOBiuecTBa 6bi/iM npuBnece- 
Hbi B Windows Server 2003 no cpaBHenmo 
c Windows 2000 n KaKMe bo3mo>khoctm 
6buiM y/iynmeHbi? 

CMCTeiuiHbie npmiOMceHMq 

.NET Framework 

3t 3 n/iaT(|)opMa noaHocTbKi MeHjieT npeACTaB- 
neHMfl 0 BbinoaHeHMM nporpaMM b Windows. 
Tenepb KawAan nporpaMMa, coaAaHHaa A^na 
paOoTbi B .NET, BB/iaeTCJi ynpaBnneMOM, to 
ecTb oTBeTCTBeHHocTb 3B ee npaBM/ibHoe M 6e- 
3onacHoe McnoriHeHMe HeceT HenocpeACTBeH- 
Ho naaTcJjopMa, a Tonnee, oAHa m 3 ee cocTaB- 
Hbix HacTeM CLR (Common Language Runtime, 
oOiAaa asbiKOBafl cpeAa McnoaHeHMn). 

KoMUMajiTop npeoOpaayeT nporpaMMy b tbk 
H33biBaeMoe npoMe>KyTOHHoe npeACTaaneHMe 
(It — Intermediate Language, npoMewyTon- 
Hblii J13blK). CLR B HeKOTOpOM CMblCJie JlBafieT- 
CJi MHTepnpeTaTopoM OToro asbiKa. ilepeA 
3anycKOM nporpaMMHoro Kopa Common Lan- 
guage Runtime npoBepneT, MorKeTaM ashhuim 
KOA BbinOnHJlTbCB 6e3 OIUmOoK, nOAXOABT/1M 
TeKyiAMe paapemeHMJi OesonacHocTM Ann Toro, 
HToObI BbinOnHSTb 3TOT KOA, M HO npOM3BOAMT 
m OH KaKMx-nM6o aanpeipeHHbix AeMCTBMM. 

klHTepecHo, HTO nK)6afi ynpaBJiaeMan npo- 
rpaMMa MO)KeT coAepwaTb b ce6n pMrJrpoByio 
noAHMCb paspaOoTHMKa. EcTecTBeHHo, ecnu 
noAHMCaHHan nporpaMMa 6yAeT kbkmm-to o 6- 
paaoM M3MeHBHa, to Mcno;iHflK)iAafl cpeAa He » 



BepcMM Windows Server 2003 


He oahh, a u,enoe ceMeMCTBO 


OnepapMOHHaH CMCTeivia Windows 
Server 2003 npeACTaeriBeT co6om He 
OAMH npoAyKT, a penoe ceivieMCTBO Tano- 
Bbix. HasHaneHMe Ka>KAoro ms hmx one- 
BMAHO M COOTBeTCTByeT HaSBaHMK). 


MOCTM Hapau^MBaTb pecypcbi ceTM. 
standard Edition MO>KeT paOoTaTb Ha 4- 
npopeccopHOM cepaepe c 4 rOaPiT onepa- 
TMBHOM naMBTM. B03M0>KH0, BblOop MMOH- 
Ho 3TOM BepcMM CTaHOT onTMMa/ibHbiM Ann 
60/lbLUMHCTBa pOCCMMCKMX CeT6M. 


> Windows Server 2003 Web Edition 

npeAHasHaneHa Ann nocTpoeHMS m xoctmh- 
ra Be6-npMno>KeHMM, Be6-CTpaHMp m ae6- 
cepBMCOB. OHa bb- 
JlBeTCB CaMOM 
AemeBOM m OyAeT 
MHTepecHa b nep- 
Byra OHepeAb cep- 
BMC-npoBaMAspaM 
M paspaOoTHMKaM 
MHTepHeT-npMno- 
>KeHMM. BepCMH BO- 
6pa/ia B ceOs Bce aynmee, hto ecTb 
B internet information Services 6.0, 
Microsoft ASP .NET m Microsoft .NET 
Framework. FIoto/ikom ahh Web Edition bb- 
jiBeTCB 2-npopeccopHbiM cepaep c 2 F6aMT 
OnepaTMBHOM naMBTM. XOTB KOMnblOTepbl 
noA ynpaaneHMeM Windows Server 2003 
Web Edition Moryr 6biTb HneHaMM AOMena 
Active Directory, b ashhom CMCTeMe HenbSB 
sanycKaTb 3 tot cepBMC. CneAOBaTenbHO, 
Windows Server 2003 Web Edition He mo- 
>KeT MCnOJlbSOBaTbCB atib BbinonHeHMB 
dryHKpMM ynpaB/ieHMB, tbkmx kbk rpynno- 
BaB no/iMTMKa, nonMTMKM orpaHMHeHMB 3a- 
nycKa nporpaMM, cjiy>K6bi yAaneHHOM ycTa- 
hobkm, cjiy>K6bi Microsoft Metadirectory 
Services (MMS), c/iy>K6a internet 
Authentication Service (iAS) m t. a- 

► Windows Server 2003 Standard 
Edition npeAHasHaneHa a^^ paOoTbi b He- 
6o/ibLUMX opraHMsapMBX M oOecneHMBaeT 
noAKmoHeHMe k 
klHTepHeTy m ao- 
CTyn Ka>KAoro co- 
TpyAHMKa K 4)aM- 
jiaM M npMHTepaM. 

Cepsep coAep>KMT 
Bce HeoOxoAMMbie 
cpeACTBa a^h op- 
raHMsapMM BsaM- 
M0A6MCTBMB coTpyAHMKOB. Oh oOecneHM- 
BaeT BbICOKMM ypOBeHb HaA6>KH0CTM, 
6e3onacHOCTM, nosBonBeT npM Heo6xoAM- 


► Windows Server 2003 Enterprise 
Edition paspaSaTbiBanacb c npMpenoM 
Ha Mcno/ib30BaHMe b ccjjepe cpeAHero 
M KpynHoro 6 m 3- 
Heca. 3Ta BepcMB 
Bblnyu^eHa KaK b 
32-pa3pBAHOM, 

TaK M B 64-pa3- 
PBAHOM BapuaH- 
Te. OHa MO>KeT 
paboTaTb Ha 8- 
npopeccopHOM 
cepBepe m noAAsp>KMBaeT aApecapMio a° 
32 rOaMT OnepaTMBHOM naMBTM, a Taurne 
8-y3noByio KnacTepMsapMK). K CTaHAapT- 
HOMy BapMaHTy b BepcMM Enterprise 
AobaBneHbi HecKonbKO hobwx bo3mo>kho- 
CTePi. K hmm othocbtcb, HanpMMep, noA- 
Aep>KKa MMS m NUMA, a Tame pea/iMsa- 
PMB (fryHKpMM Flot Add Memory, KOTopaB 
no3BOBBeT AobaBBBTb B cepsep MOAy/iM 
naMBTM 6es ocTaHOBKM M Aa>t<e 6es ne- 
peaarpysKM noc/ieAHero (b HacTOBU^ee 
BpeMB 3Ta (JryHKpMB MO>KeT6blTb MCnOBb- 
30Bana TOBbKO B cepBepax c annapaTHoPi 
noAAep>«KoPi AoSaB/ieHMB naMBTM 

BO BpeMB paSoTbi). 

► Windows Server 2003 Datacenter 
Edition npeAHasHaneHa p,m paOoTbi 

c KpynHbiMM OasaMM AaHHbix. Ona pa6o- 
TaeT Ha MaiuMHax 
MMHMMyM C BO- 

ceMbio npopec- 
copaMM M noA- 
Aep>KMBaeT ao 
32 npopeccopoB, 
a Tame AonycnaeT 
BOCbMMySBOByiO 
KBacTepMsapMio. 
ripM Mcno/ib30BaHMM o6biHHbix npopecco- 
poB x86 OHa oOecneHMBaeT aApecapMio 
AO 64 rSaPiT naMBTM. Fia 64-pa3pBAHbix 
n/iaTct)opMax npeAen noAAep>KMBaeMoPi 
naMBTM cocTaB/iBOT 16 T6aPiT. 
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To 6 ji. 1. Tpe 6 oBaHiin k CMcreMaiM, hq 6 a 3 e KOTopbix 6 yAyr pa 6 oTaTb OC ceivieMCTBa Windows Server 2003 



Web-edition 

Standard Edition 

Enterprise Edition 

Datacenter Edition 

IViMHMMaAbHaA HacTOTa npoueccopa, MEu 

133 

133 

133 (733 aaa Itanium) 

400 (733 aaa Itanium) 

PexoMeHAOBaHHaA nacTOTa npoueccopa, MTu 

550 

550 

733 

733 

IViMHMMaAbHbiM pasMep RAM, MSaMT 

128 

128 

128 

512 

PexoMeHAOBaHHbiM paaMep RAM, M6aMT 

256 

256 

256 

1024 

HeoSxoAMMoe AMCxoBoe npocrpaHCTBO, rSaiiT 

1,5 

1,5 

1,5 (2 aaa Itanium) 

1,5 (2 aaa Itanium) 



» no3Bo;iMT ee aanycTMTb. 3to 3HaHHTe/ibHo aa- 
TpyflHJieT B03M0)KH0CTb BMpyconMcaTe/iji 
vim anoyMbim/ieHHMKa KaKMM-ro o6pa30M bhb- 
flpmb b McnoriHjieMbiM cbom Kop. Tew ca- 
MbiM yBe/iMHMBaeTCB M 6e3onacHocTb cncTeMw. 

HeoAHopoAHbiM Aocryn k naMflTn 

C yBeriMHeHMeM laKTOBOM sacTOTbi npopecco- 
poB, npMBOAJupMM K poCTy HarpyaKM Ha apxw- 
TeKTypy npopeccopHOM mnHbi, npo6;ieMbi nac- 
iuTa6MpyeM0CTM pemaioTCJi nyrew peariMaapHM 
HecKonbKMX npopeccopHbix ujmh. 3to npwBO- 
flMT K C03flaHMI0 apXMTeKTypbl, COCTOJUpeM 
M3 npopeccopoB m nneeK nawBiM, opraHnao- 
BaHHbix B 6o/iee KownaKTHbie noACMcreMw, 
HaabiBaeMbie yananM. CxopocTb Aocryna npo- 
peccopa K naiMfiTM b ApyrMx yanax HM)Ke, 

H6M B TOM we yane. B peay/ibiare coaAaeTce 
34)4)eKT HeoAHopoAHoro Aociyna k naMJiTM 
(Non-Uniform Memory Access, NUMA) 

B MacujTa 6 ax CMcreMbi. 

HM3Kne CKopocTM AOCTyna k OTAenbHWM 
yanaw Moryr npMBecTM k napeHHK) 6bicTpoAeM- 
cTBMe npMJioweHMM. OC nbiTaercB orpaHMHMTb 
CHMWeHMe OblCTpOAeMCTBMH 33 CHeT Ha3H3He- 
HMji Bcex noTOKOB npopecca nponeccopaM op- 
Horo yana m BbiAeneHMs nawsTM no aanpocy 
B npeAenax roro we yana, rAe HaxoAMTce 3tot 
npopeccop. KpoMe roro, b nocraBKy BicnroneH 
nporpawMHbiM nHTep4)eMC (API), KOTopwM noa- 
Bojiner npM/ioweHMflM no/iynaTb cBeAeHMs 
o6 apxnreKType NUMA. 

Pe>KMMbl COBMeCTMMOCTM 

HoBbiii pewMM o 6 ecneHMBaer coBMecTMMocTb 
CO MHorMMM pacnpocrpaHeHHbiMM npM/iowe- 
HMHMM 6 ea Heo 6 xOAMMOCTM AOnOriHMTe/IbHOM 
HaCrpOMKM. PeWMM COBMeCTMMOCTM n03B0J1JI- 
eT Mcno/ibaoBaTb cpeAy, cooTBeTCTByioiAyio 
no noBeAeHMK) Windows 95, Windows 98, 
Windows NT 4.0 m/im Windows 2000. 3tm pe- 
WMMbi ycTpaHfiioT HeKOTopbie M3 HBMOonee 
pacnpocTpaHeHHbix npoOneM, MemaioiAMx 
HopMa/ibHOM paOoTe CTapwx npMnoweHMM. 
Ectim nocne nepenoca b paOoTe npMnoweHMe 
BoaHMKJiM npoOneMbi, mowho BocnonbaoBaTb- 
Cfl OAHMM M3 peWMMOB COBMeCTMMOCTM — B 
6 o/ibiiJMHCTBe cnynaeB npoOneMbi MCHeanyT. 


Ceresbie bosmomchoctm 

ABTOHacTpoMKa AJifl noAKAtoHeHua 
K HeCKOAbKMM ceTBM 

flaHHaa BoaMowHocTb ynpoipaeT AOCTyn k ce- 
TeBbiM ycTpoMCTBaM M PlHTepHeTy. 0 h 3 TaKwe 

nOBBOASeT nOAbaOBaTBAJlM MoOMAbHbIX KOM- 
nbiOTepoB ocyipecTBAATb AocTyn k ocJjmchom 
M AOMaiBHeM ceTM, He nacTpaMBaa napaMeapbi 
TCP/IP BpyHHyio. ABTonacTpoMKa oOecnesM- 
BaeT npMMeneHMe aAbTepnaTMBHOM KOH(|)Mry- 
paAMM TCP/IP, ecAM cepeep DHCP (Dynamic 
Host Configuration Protocol) ne naMpen. 
AAbTepHaTMBHaa KOHtjJMrypauMA noMoraeT 
B CMTyariMAx, KorAa KOMUbioTep McnoAbayeTca 
AAA paOoTbl B HeCKOAbKMX CCTAX, HpMHeM 
B OAHOM MX 3TMX CBTeM CepBOp DHCP OTCyT- 
CTByeT, a aBTOMaTMuecKoe HasHaueHMe na- 
CTHbix IP-aApecoB HeweAaTeAbHo. 

riepeABHa roAoca no nporoKOAy IP 

floAyneHMe yAaAeHHoii noMoipM (Remote 
Assistance) no PlHTepneTy ct 3 ao Ayume Onaro- 
AapA noAKAiOHeHMio k Windows Messenger Boa- 
MOWHOCTM nepepauM roAoca no npoTOKOAy IP. 

rioAAep>KKa ATM 

AcMHxpoHHbiM pewMM uepepaHM (Asynchro- 
nous Transfer Mode, ATM) — 3 to bwcokocko- 

POCTHOM npOTOKOA, HpeAHaaHaHeHHbiM AAA 

oAHOBpeMeHHOM nepeAauM no cotm paa- 

AMHHblX TMnOB AaHHbIX, T3KMX K3K rOAOC, 
M3o6paweHMe, BMAeo m t. a- 

foBopA 6 oAee HayHHWM abbikom, 3 to mupo- 
KOnOAOCHblM MBTOA peTpaHCAALlMM AHeOK, UpM 
KOTopoM AaHHbie nepeAaioTCA AueMKaMM (Jjmk- 
CMpoBauHOM aamhw (no 53 OaiiTa). HueriKM 
coAepwaT 48 OaiiTOB: coOcTBeHHo nepepaBae- 
Mbie AaHHbie M 5 AOnOAHMTeAbHWX OaMTOB — 
aaroAOBOK ATM. HanpMMep, nepeAaBaa 1000- 
OaMTHbiM naxeT, ATM paaoObeT ero na 21 kbap 
M noMecTMT xawAbiM K 3 AP B AueMKy. B peayAb- 
T 3 Te 6 yAeT npoMaaoAMTbCA nepeAaua ctbh- 
AapTHbix, eAMHooOpaaHbix naxeTOB. 

CeTeBoe oOopyAOBanMe mowbt xoMMyTM- 
poBaTb, MapmpyTM3MpoBaTb M nepeMeuraTb na- 
xeTbi (|)MxcMpoBaHHoro paaMepa OwcTpee, 

HeM naXeTbl npOMBBOAbHOM AAMHHbl. A AHeii- 
XM cTaHAapTHoro paaMepa hobboaaxtt 6oAee 


3(J)4)eXTMBH0 MCn0Ab30B3Tb 6y(|)epbi M 
coxpaiAax)T BpeMA na cboxj o6pa6oTxy. 
OAMHaxoBbiii paaMep Aueex, xpoMeToro, 
nOBBOAAeT ynpOCTMTb HAaHMpOBaHMe He- 
oOxoammom noAOCbi nponycxaHMA. 

TeopeTMHecxM nponycxnaA cnocoOnocTb 
ATM MoweT AoCTMHb 1,2 TOmt b cexyHAy. Oa- 
Haxo B HacTOAuree BpeMA cxopocTb ATM orpa- 
HMHMBaeTCA CXOpOCTbX) OHTOBOAOXOH HOrO X3- 
6eAA, xoTopaA ne npeebimaeT 622 M6mt/c. 

rioAAep>KKa cny>K6 MeTaKaranoroB 
(Microsoft Metadirectory Services, MMS) 

06utmm CMbicA CAywObi MeraxaraAora coctomt 
B nocTpoeHMM Bfl, ABAAXnpeMCA xpaHMAMureM 
MHcfjopMauMM o6 oOtexTax Ax)6bix cAyw6 xara- 
AoroB, 6yAb to Active Directory, Lotus Notes, 
Netscape iPlanet m t. a- MMS xpauMT m MHTer- 
pMpyeT MHcfiopMaAMX) M3 MHowecTBa xaTaAoroB 
B eAMHyx) CAyw6y xaTaAora aaa Bcefi opraHM- 
33AMM. BcTpoeHHbie B MMS areHTbi ynpaBAe- 
HMA BbinOAHAXTT 4)yHXUMM HOCpBAHMXa MeWAy 
CAywOoM xaxoro-AM6o xaTaAora m 6aaoM mhtb- 
rpMpoBauHbix MeTaAaHHbix. Ha nepBOM 3Tane 
paOoTbi OHM o6ecneHMBax)T MMuopT M npeo6- 
paaoBaHMe MHt|)opMauMM aaa paaMemeHMA mx 
B MeTaxaTaAore, a nocAe MOAMtJjMxauMM — 
axcnopT 3TMX npeoOpaaoBaHHwx AaHHwx o6- 
paTHo, B cooTBeTCTByxrurMe cAywOu xacaAoroB. 

Bca MH(|)opMauMA 0 pecypcax ceTM xpaHMT- 
CA B Bfl MBTaxaTaAora b BMAe oOtexTOB, xax 
M B CAyw6ax xaTaAoroB. KawAbiM mb oOtexTOB 
xapaxTepMayeTCA HaOopoM cbomctb (acpnOy- 
tob). CaMM AaHHbie XpaHATCA B BMAe xoHxpeT- 
HblX aHaueHMM 3TMX aTpM6yT0B. 

rioAKJiioHeHMe no nporoKony PPPoE 

flocpeACTBOM npoToxoAa PPPoE (Point-to- 
Point Protocol over Ethernet) noAbaoeaTeAM 
Ethernet-ceTM MorycycTaHaBAMBaTb coeAM- 
HeHMe c PlHTepHeTOM nepea mupoxonoAocHyx) 
AMHMX), Taxyx) xax DSL, OecnpoBOAHoe ycTpoM- 
CTBO MAM XaOeAbHbIM MOAeM. C nOMOUrbX) 

PPPoE noAbaoBBTeAM aoxbabhom ceTM MoryT 
noAynaTb AocTyn x BbicoxocxopocTHbiM ceTAM 
AaHHbIX. 06teAMHAA Ethernet m npoToxoA PPP 
(Point-to-Point Protocol), npoToxoA PPPoE 
oOecneHMBaeT 3(J)(|)exTMBHbiM cnoco6 coaAa- » 
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HOBaa cepeepHafl OC 13 



» HMji oTfle/ibHbix coeAHHeHMM c yfla;ieHHbiM 
cepsepoM KawAoro no/ibaoBare/ifl. 

B Windows Server 2003 BK/noneH Apawsep 
3Toro npoTOKona. 

noAAepwKa npoTOKOJia IPv 6 

IPv6 — 3TO Ha6op craHAapTHbix nporoKonoB 
ceieBoro ypoBHa cneAyioiAero noKonenmi. 

IPv6 ycTpanneT MHorne npoOnenbi, Koropwe 
npncyrcTByroT b leKyiAeii Bepcnn IP (IPv4) pj\!\ 
OC ceMeiicTBa Windows, b tom nnc/ie npo6ne- 
Mbi, KacaroiAMecn nexBaTKn aApecoB, Oesonac- 
HocTM, aBTOHacTpoMKM, pacmMpjieMocTM M T. A- 

EesonacHOCTb 

Firewall ( 6 paHAMay 3 p) 

BpaHAMayap noAKmoHeHMB k Cein (Internet 
Connection Firewall, ICF) oOecnennBaeT 6eao- 
nacnyio paOory b 1/lHTepneTe n npeAHasHaHen 
A/ia Mcnonb30BaHna b AOMamnnx ycnoBkinx 
M na HeOonbmnx npeAnpnnimix. 3ra bo3mo>k- 
HocTb AocTynna Ann npnMeHeHna b noKanb- 
Hbix cerax, npn yAa/iennoM Aocryne k cein, 

B BwpTya/ibHbix HacTHbix ceijix M npn noAKnra- 
HeHMBx no npoTOKony PPPoE. BpanAwayap 
TaKwe npeAOTBpaiAaei CKaHnpoBanne noproB 
M peCypCOB M3 BHeilJHMX MCTOHHMKOB. 

rioAAep>KKa npoTOKoaa IPSec 

IP Security — 3to KOMnneKT nporoKonoB, 
KacaioiAMxcfi BonpocoB mMcJjpoBaHMJi, ayren- 
TMtjJMKanMM M oOecneHeHMJi aaiAMTbi npu 
TpancnopTMpoBKe IP-naxeTOB; b ero cocraB 
ceMHac BxoAfiT bohim 20 npeAnorxeHMM no 
craHAapiaM m 18 RFC. Oh noaBonner o6ecne- 
HMBaib aaiAMTy MHipacereM, a raxwe co 3A3- 
B3Tb OeaonacHbie pemeHMfi na 6aae Bupry- 
a/ibHOM HacTHOM cBTM Ann CBJ13M Hepea 
1/lHTepHeT. TexHonorMfl IPSec 6bma paapaOo- 
Tana rpynnoM IETF (Internet Engineering 
Task Force) m BBaaeTcn ciaHAaproM ujM(|)po- 
BaHMa Tpat|)MKa TCP/IP. 


FlaaepHoe, 3 to Aanexo He no/iHbiM nepe- 
HeHb Toro, HTo 6bmo Ao6aB/ieHo b HOByio cep- 
BepnyK) onepagMOHHyio CMcreMy. Flo p,ame 
T3K0M CBMCOK no3Bo/ineT cKaaaTb, hto bhb- 
ceHHbie M3MeHeHMa nenban HeAoogeHMBaTb. 

rnOBHOe — HaA6)KHOCTb 
M 6esonacHOCTb 

ripM anaKOMCTBe c rexHMHecKOM AOKyMeHTartM- 
eii Windows Server 2003 b rnaaa Opocararcn 
ABe AfiTanM. Bo-nepBwx, Microsoft aesAe noA- 
nepKMBaer noBbimeHMe HaAewHocTM HOBoro 
cepaepa. Flo aaaBneHMJiM pyKOBOAMieneii 
Microsoft, KarKAan crpouKa KOAa 6bma npocMo- 
rpena m ace nporpaMMw 6buiM HeoAHOKpaiHo 
npoBepeHbi na nanuMMe oujmOok. 

Bo-BTOpbIX, B BbICTynneHMflX OC()MLlMa/1bHblX 
/IMA KOMnaHMM KpaCHOii HMTbK) npOXOAMT 
Mbicnb 0 TOM, HTO 6e3onacHocTb HOBoro cep- 
Bepa 6bma yaenMnena. FlanpMMep, Bm/iji Ber- 
Te, BMAe-npe3MAeHT noApasAeneHMs Windows 
Server Division KopnopaAMM Microsoft, 3a- 
nBM/1 cneAyioigee: «flpM paapaOoTKe Windows 
Server 2003 Mbi craBMnM bo rnaay yr/ia noBw- 
meHMe OeaonacHocTM CMCTeMw. BesonacHocTb 
BBJifieTcn OAHOM M3 maBHbix 3a6oT no/ibaoaa- 
Teneii, m HOBwe (fiyHKAMM, peanMaoaaHHbie 
B 3TOM BepcMM, 3H3HMTenbHo oOnerHaiOT 
C03AaHMe aaiAMiAeHHbix cmctbm. Windows 
Server 2003 npeACTaB/iner co6om HaAe/K- 
HyK) OeaonacHyio nnaTt|)opMy». 

Fla KOH(|)epeHAMM rrOnpeAenan 6yAyiAee», 
OpraHM30BaHHOM MOCKOBCKMM npeACTBBM- 
TenbCTBOM 4)MpMbi Microsoft, npoaByna/io 
cooOiAeHMe, hto Ann npoBepKM HaAe/KHOCTM 
M OeaonacHocTM cepeepa Microsoft HaHnna 
HecKo/ibKo (jjMpM, cneAManM3MpyK)iAMxcn 
Ha TecTMpoBaHMM ycTOMHMBocTM 6e3onacHo- 
CTM KOMBblOTepHblX CMCTOM. Bce HOTeHAManb- 
Ho HeOeaonacHbie anropMTMw 6bi/iM npoana- 
/iM3MpoBaHbi M nepepa6oT3Hbi. 

Bo/iee Toro, bo BpeMfi paapaOoTKM 
Windows Server 2003 b cooTBercTBMM c pac- 
nopn/KeHMeM Emna feriTca oOnaaTenbHbiM 
HTeHMeM Ann coTpyAHMKOB Microsoft crana 
KHMra MaMKna XoBapAa m fl3BMAa He6naHKa 
«3aiAMiAeHHbiM KOA». 3 tm (J/aKTbi TonbKo noA- 
TBep>KAaK)T, HTO 6e3onacHocTM m naAe/KHocTM 
HOBoro cepBepa bo BpeMJi paapaOoTKM 6bi/i 
OTA3H HaMBblClUMM npMOpMTBT. 

flpM paaroBope o OeaonacHocTM Hoaoro 
cepaepa nenban ne aaMeTMTb, hto nocne ero 
MHCTannsAnn ace paOoTaeT no MMHMMyMy. 
HTo 6 bi aanycTMTb tot mbm mhom cepBMC, nonb- 
aoBaTenio npMAeTcn ocoanaTb, ny/Ken m eMy 
3 TOT CepBMC, M nOHHTb, K 3 KMM o 6 p 330 M OH MO- 



Em/i/i Berre, BHi^e-npesHAeHT 
noApasAeBeHiin Windows Server 
Division KopnopaAMM Microsoft 


>KeT 6biTb aanyigen. TIk)6om bmammum m3 Mh- 
Tepnera cepBMc npeACTaenner co6om noren- 
AManbHyio 6pemb b aaiAMTe. 3aneM 3tm naaen- 
KM oTKpbiBaTb aapaHBe? 


Mrom M BbIBOAbI 

fnaBHbiM BbiBOA M3 Bcero CKaaaHHoro b tom, 
HTO aAMMHMCTpaTop nio6oM ceTM, nepexoAn na 
Windows Server 2003, nonynaeT pnA npeMMy- 
lAecTB. B MX HMcne — noBbimeHHbie HaAenr- 
HocTb M OeaonacHocTb cepeepa. 

KpoMe Toro, MAeonorMs noBoro cepaepa 
noApaayMeBaeT BwcoKyio KBanM(|)MKaAMio 
aAMMHMCTpaTopa. CMCTeMa, oOecnenMBaioiAafl 
npocjreccMOHanbHbiM pocT aAMMHMCTparopoB, 
nBnneTcn rapaHTMeii BbicoKoro ypoBna ana- 
HMM. A HTO B name BpeMs peHMTcn Aopo/xe? 

■ ■ ■ OaBen PyMBHAeB 
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MHCTA/l/lJlUMJI M HACTPOMKA yciaHOBKa Windows Server 2003 


HanaAO nym 


flyre bo AMTen b 



Toro HTo6bi pa6oTaib c Windows Server 2003, ero, pasy- 
Meercn, HeoOxoAUMO HHCTa/inupoBaTb na cbom KOMObtorep. 
EcTecTBeHHO, Hy>KeH nyreBOAHTe/ib, Koiopbm paccKa>KeT 
HAM o6 aranax ycraHOBKM hobom onepapnoHMOM cncreMbi. 


W indows Server 2003 mowho mh- 
CTa/innpoBaib c Hyne, a mo>kho 
C flenaib oOHOBJieHne tom cMCTewbi, 
KOTopaa y>Ke ycTaHOBnena na Kownbrorepe. K 
cowaneHMio, chmcok onepapMOHHwx CMcreM, 
oOnoBneHMe KOTopbix AonycKaerce, orpann- 
HOH Windows NT Server 4.0 SP5 (BKniOHaji 
Terminal Server Edition m Enterprise Edition) 

M Windows 2000 Server (BK/iroHae Advanced 
Server). llpM oOnoBnenMn cyKaaanHbix 
CMcreM oOecneHMBaeTCB nepenoc 6 a 3 w 
AaHHbix MMen n naponefi no/ibaoBareneM 
B ycTanaB/iMBaeMyK) CMcrewy. 

Mbi paccMOTpMM ycranoBKy c nyriJi. Hh- 
CTan/mpMJi b KaneCTBe BTopori CMCTewbi nnn 
noBepx npeAbiAyereM oT/iMHaeicfl or nee ronb- 
KO HeKOTOpWMM MenOHaMM, KOTOpbie OneBMA- 
Hbi M He Tpe6yK5T noApoOnoro onncaHMe. 

flepBbie Luam 

BK/iioHMTe B BIOS aarpysKy c CD, BcraBbre 
KOMnaKT-AMCK c aanMcaHHoii na hbm BepcnePi 
Windows Server 2003 m ceAtTe noyAodnee. 
)KAaTb npMAeTce Aonro, npopecc MHCTan/m- 
i\m 6 yAei AnnrbCJi nopeAKa copoxa MMHyi. 

Ec/im y Bac b KownbiOTepe ecTb odopypoBa- 
HMe, TpeOyioipee cnennanbHbix ApafiBepoB, 

TO B C3MOM Hanane ycTaHOBKM hboOxoammo na- 
waTb F 6 , nocne Hero CMCTena aanpocMT amck 
c ApaMBepawM m aarpyanr mx. A Tenepb AaaaM- 
Te npoMAOM Becb nyrb MHCTan/iJiLiMM no maraw. 

TeKCTOBbiii 3Ton 

marl. Ha AaHHOM 3Tane Ha amcko HMnero 
HOT, MMHMMa/ibHo paOoTaioiAafi CMCTOMa aa- 
rpywena c KownaKT-AMCKa. 

CnaHana CMCTewa aanpocMT, npMHMMaeTe 
m Bbi nMpeHaMOHHoe cornameHMe Microsoft. 
EcnM Bbi He npnweTe ero, to totao ycTanoBMTb 
HOBbiM cepBep HeyAacTCfl. lloaTOMy HarxMMTe 
F 8 , MHane na 3 tom ycTanoBKa cncTeMbi OyAOT 
npepsana npaKTMnecKM ne HanaBiiJMCb. 



Apyroro BuxoAa, Kpoivie KaK HamaTb 
K/iasMuiy F8, y aac npocTO Her 


lUar 2. Ha 3tom mare 6ypyT cosAaBaTbcn 
M npM HeodxOAMMOCTM yHMHTOWaTbCB paape/lbl 
wecTKoro amckb. lloaTOMy Hy>KHo 6wTb xpaMHe 
BHMMarenbHbiM — 3Aecb Bbidop aneweHTa «VAa- 
neHMe paapena* opmboamt k HeweA/ienHOMy 
yAaneHMio. Hmkbkmx «Undo» Ha 3 tom mare Her, 
TO ecTb BepnyTb yAaneHHoe ne yAacTcn. 



HyWHO COSAaTb KaK MMHHMyM OAKH 
pasAea Ha BMHHecrepe, Hamaa K/iaBHUiy 
C (Create Partition, «Co3AaTb pa3Aen») 


paaMeipeHa ho paaAene. EcTb neTbipe eapnaH- 
Ta (|)opMaTMpoBaHMJi — FAT (Quick format), 
NTFS (Quick format), FAT m NTFS. Mbi pexo- 
MeHAyeM cneAyoT BbiOnpaTb NTFS kbk ubm- 
6onee HaAernuyio (Jjaii/ioByio cMCTewy. 

BbiCTpoe (JjopMaTMpoBaHMe coaAaeTTaOnnpy 
paaAenoB, He paaMenae eecb amck m He npoee- 
pefl ero na nnoxMe cexTopa. Ecjim bw neAaBHo 
npoBepjmM BMHnecTep na nanMHMe nnoxMx cex- 
TopoB mn yBepeHbi b ero McnpaenocTM, cneno 
BbiOMpaMTe ObicTpoe (jjopwaTMpoBaHMe. 



OnTMManbHbiH Bbi6op cnoco6a cpopiviaTH- 
pOBaHMB — 6blCTpoe <|)OpMaTMpOBaHMe 


CMCTewa oTc()opMaTMpyeT amck, CKonnpyeT 
(jraiinbi c KownaKT-AMCKa Ha BMHuecTep, npo- 
MaseAeT neKOTopwe noAroTOBMTe/ibHwe asm- 
CTBMfl M nepeaarpyaMT KOMUbioTep. 


UJar 3. Heo6xoAMMo yKaaaTb paanep 3 to- 
ro paaAena. Mbi peKowenAyeM paaOMTb amck 
MMHMM yM Ha ABB paBAO/ia b penax noBwme- 
HMJI HaAe>KHOCTM. 

UJar 4. Ha 3TOM mare CMCTewa saflaci bo- 
npoc 0 TOM, KaKafl (jjaid/ioBafl CMCieMa 6yflei 




rioc.ne nepeaarpysKM HaHHeicji BiopoM, 
rpa4)MHecKMM aian. Bo epeMfi nepeaarpyaKM 
y6eAHTecb, hto cucieMa 3arpy>KaeTCfl nMeHHo 
c >KecTKoro amckb, 3to 6yA6T CBHflereabCTBo- 
Baib 0 TOM, HTO Bbi BC6 A^/iaeTe npaBM/ibHo, 
a nep-Bbm 3Tan nporpaMMbi ycTaHOBKM oTpa- 
6oTaa KoppeKTHo. » 
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Hana/io nyin 15 


no HHCTaJ1J15IL4HM * 


» rpa<t>imecKiiii 3Ton 

lUar 5. MiaK, Hanajicfl BTopoii aran ycraHOB- 
KM. Hepea HecKo;ibKo ceKyHfl na aKpane 6yAer 
OTo6pa>KeHO flua/ioroBoe okho, b Koropow 


BbiBOAa coo6iAeHMM A-Hfi nporpawM, He mc- 
no;ib3yioiAMx Unicode. 3ABCb mh peKowenAy- 
ew Bbidpaib pyccKMM nabiK, MHane 6onbujnH- 
CTBo coodiAeHMM Bbi npocTo-HanpocTo He 


UJar 8. HywHo yKaaaib mmb BnaAenbLta 
KOMObiOTepa M HaaBanne opraHMaapnM, b ko- 
Topoii aroT Kownbraiep yciaHOBnen. 3ra mh- 
(|)opMaAMfl He nrpaer npaKiMHecKM HMKaKOM 


Bbi Ao/DKHbi yKaaaib CMCieMe pernoHanbHbie 
M fiabiKOBbie napaMeipbi, b cooiBeicTBHM 
c KOTopbiMM oHa 6yAei 4)opMnpoBaTb coo6- 
lAeHMji M oTBeHaib Ha aanpocbi. Hawaa b aioM 
oKHe KHOHKy «Custom1ze», mh nepeMAew 
K cneAyioiAeMy mary. 



UJar 6. B aaBMCMMOCTM OT BbldpaHHOM Ba- 
MM cipaHbi MeHfleicB (JjopMai BWBOAa naAMo- 
Ha/IbHOM Ba/1K)Tbl, HMCe/1, BpeMBHH M Aaibl. 



PerMO- 

Ha/IbHbie 

1-^ * y 1 T ^ u- || _ 1 

ycraHOBKM 

- — 1 

M flSblKO- 
Bbie napa- 


Merpbi on- 


peAeanioT 

«4>opMaT» 

o6iAeHMfl 

— 

no/ibso- 
Bare/iB c 


KOMnbK)- 

TepoM 

1 ^ J ^ 


BKnaAKa «Languages» noaBonaei ycia- 
HOBMTb noAAepwKy aakiaicKi/ix aabiKOB. Ha 
BKnaAKe «Advanced» BbidupaeM napaweipbi 


CMoweie npoHecTb. 



ponn B AOMamneM ceiM, noaiony aAecb aama 
(fiaHTaaMB MO>KeT nponambcji b nonnoM Mepe. 


HymHO yKasaib, Hio6bi «He-Unicode»-npo- 
rpaMMbi McnojibsoBaaM pyccKMii nabiK 

BepneMCfl k OKHy, oiodpawenHowy b mare 
5, M BbidepeM ne «Custom1ze», a «Default». 
Rocne aioro mw nepewABM k mary 7. 

UJar 7. 3ABCb bw cMoweie yKaaaib kom- 
nbKJiepy, na kbkmx nauKax c hum mowho 
6yAei odiAaibCfl. 



OnpeAeaeHite pacK/iaAKii K/iaBHaiypbi 
H coHeiaHMSi KaaBHUi CMeHU nsbiKa 


CKaaaHHoe Bbime KOMMeniapweB ne ipe- 
6yei, AociaioHHO npocio BarnsHyib na Kap- 
iMHKy. Tenepb Hy>KHo onaib sepHyibCB k ok- 
Hy, ynoMjiHyioMy b mare 5, m nawaib b hbm 
KHOHK y «Next». 





ripM BB0A6 MMeHH BaaAeabL|a KOMnbioTe- 
pa orpaHHHeHMii He HaKnaAbiBaeicfi 

flanee Microsoft nbiiaeicn ydeAMibca, hio 
B bi BBHjieiecb aaKOHHbiM B/iaAenbL(eM ashhom 
K onwM M ipedyei bbocim k/iioh npoAyKia. » 


BajKHon MH<|>opMai4Msi 


.ElpaHBepbl H nOTHH 

ripn yciaHOBKe Moryi noipeSoBaibcn 
ApaiiBepbi K BMAeoKapiaM h APyroMy 
oSopyAOBaHMio, noaioMy no3a6oibiecb 
o lOM, HI06bl AUCKM C HMMM HaXOAMHMCb 
y Bac noA pyKoii. 

BaM oSnaaie/ibHO noipe6yeicn aannaiKa 

(patch) cny>K6bi RPC, Koiopyio mo>kho 

CKanaib no ccbi/iKe, npMBeAeHHoPi HM>Ke: 

http://download.microsoft.com/down- 

load/8/f/2/8f21131d-9df3-4530-802a- 

2780629390b9/WindowsServer2003- 

KB823980-x86-ENU.exe 

3ioi >Ke naiH Mowei 6biib HaMASH m Ha 

caiiie «Jla6opaiopMM KacnepcKoro»: 

www.avp.ru/news.html?id=1319264. 
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16 MHCTA/l/lJlUMJl M HACTPOMKA yciaHOBKa Windows Server 2003 



» LUar 9. Ha btom mare Heo6xoflHMo onpe- 
fle/iMTb npaBM/ia, b cooTBercTBnn c Koropbi- 
MM 6yA6T /inpeHanpoBaTbCfl yciaHaBJinBae- 
MbiM B3MM cepBep. OnepapMOHHafl cncreMa 
Windows Server 2003 noflflep>KHBaeT flea pe- 
>KMMa /iMpeHBMpoBaHMjt: «Ha cepBep» (Per 
Server) n «Ha padonee MecTo» (Per Seat). 

flnn Toro HToObi CAenarb ocMwcneHHbm 
BbiOop perKMwa rumeHBnpoBaHMfl, paccMorpuM 
npeMMyipecTBa n HeAOCTaTKM KawAoro mb 
cnocoOoB noApoOnee. 



/InpeHanpoBaHMe «Ha cepeep* noApasyne- 
Baer HeoOxoAHMocTb BbiAeneHnji KnueHTCKnx 
riMAeHBMM Ann noAKnioHeHnn k onpeAeneHHOMy 
cepBepy. KawAan nnpeHann paapemaer oaho 
noAKnioHeHMe KnueHiCKoro KOMnbioTepa k cep- 
Bepy Ann Aocryna k cereBbiM cnywOaM. B more 
KonnnecTBo nnneHanii Aonnwo cooTBercTBo- 
BBTb MBKCMManbHOMy HMCny OAHOBpeweHHO 

noAKmoneHHbix k cepBepy KOMObioTepoB. 

Taxan nonmuxa nnpeHanpoBaHnn npep- 
nommenbHa Ann HeOonbmnx cerefi c oahmm 
cepBepoM M Ann cepBepoB HmepHera nnn 
yAaneHHoro Aocryna, KnnemcKne KownbiOTe- 
pbi KOTopbix nMAenanpoBaTb nenban. /InrieH- 
anpoBaHwe «Ha cepBep» noaBonner onpeAe- 
nmb MaKCMwanbHoe nucno napannenbHwx 
noAKnioneHMM k cepBepy m OTKnoHmb nonbir- 
KM BxoAa B CMcieMy AononHmenbHbix nonb- 
aoBareneM. Ecnn bw coMHeBaeiecb, mo bw- 
6paib, BbiOepme aror perxMM. 

/InpeHanpoBaHMe «Ha paOonee MecTo» 
rpeOyer oiAenbHOM KnueHTCKoii nnpeHann 


Ann KawAoro KownbiOTepa, oOpamaioiAerocn 
K Windows Server 2003 Ann Aocryna k ochob- 
HbiM cereBbiM cnywOBM. Ecnn Kownbiorep nn- 
AenanpoBaH, c Hero paapemeno oOparmbcn 
K nioOoMy cepBepy Windows Server 2003 b ce- 
TM. Taxan nonmnxa nnrteHanpoBaHnn Bbirop- 
Ha Ann Oonbmnx cereri, tab xoMnbxrrepbi co- 
eAMHnxrrcn c Hecxonbxnnn cepBepawn. 

UJar 10. Ha aroM mare hboOxoammo aaparb 
v\m xoMHbxrrepa n naponb aAMnHncrparopa. 



Jlynme He npriAyMbiBarb xaxoe-ro oco6o 
aaxoBbipMCToe Mwn cepeepa, bbab b AanbHew- 
meM ero npMAercn McnonbaoBaib oneHb nacro. 
Hto xacaercn naponn, to ryr rpeOoBaHMn npo- 
THBononorxHbie. flaponb Aonrxen 6birb Aocra- 
TOHHO cnorxHbiM. Jlynme Bcero, ecnn oh OyAer 
coAsprxarb 6yxBw, naOpaHHbie na pasHbix pe- 
rwcrpax, L(M(|)pbi m cneAHanbHwe cHMBonw. 
ripM aroM MX coneraHMe b Mpeane ne AonrxHo 
BbiabiBarb HMxaxMx accoL(MaL(MM. PaayMeercn, 
naponb nenban aanMCWBarb m xpanMib b raxoM 
Mecre, orxyAa oh nerxo worxer Owib noxHipen. 



A c xaxMM norMHOM hboOxoammo ocyipe- 
CTBnnrb bxoa b cepaep? B npopecce ycranoB- 
XM coapaercn nonbaoBarenb Administrator, 
naponb pnn Hero m coaAaercn. flpyrMMM 
cnoBaMM, HeoOxoAMMo npn nepBOM BxoAe 
B Windows Server 2003 McnonbaoBarb norMH 
Administrator m naponb, xoropuM ronbxo mo 
6bin BaMM npMAywaH. A Aanbme Bce Aenaercn 
nerxo m npocro. 


UJar 11. Ha aroM mare hboOxoammo yxa- 
aarb pary, Bpewn m Bam nacoBofi none. 



OOpaiMTe BHMMBHMe Ha Manenbxoe oxho 
B HM)XHeM HacTM axpaHB. Ecnn b new OyAer 
ycraHOBnena ranonxa, to CMcrewa aBTOMaTM- 
HeexM 6yABT MaweHnrb Bpewn npM BBeASHHM 
nernero Mnn anMHero BpeneHM. H apecb ecTb 
OAHa HeyBnaxa. Becb mmp nepexoAMT na anw- 
Hee Bpemn b xoHL(e cenmOpn. Panbme rax pe- 
nana m Pocenn. OAHaxo cennac Pocenn nepe- 
xoAMT Ha aMMHee BpeMn b xonrie oxrnOpn, 
noarowy bbm npMAercn «0TMaTbiBaTb» Bpewn 
HaaaA b xoMpe ceHrnOpn m bhobb xoppexTM- 
poBBTb ero B xoHLie oxTnOpn. BoaworxHan 
anbTepHaTMBa — >xMTb Meenp c HeBepHww 
BpeweHeM Ha cepaepe. 

UJar 12. Ha aroM mare CMcrena nonpocMT 
Bac yxaaaTb, xaxMe cereBbie HacrpoMXM ne- 
oOxoAMMO npMMennTb b padore. 



EcnM Bbi HeAOCTaroHHo onbiTHw, BwdMpaM- 
re «Typical», a ne «Custom». PaaHMua nerxAy 
aTMMM perxMwaMM aaxnxrnaeTcn b nacTpoMxe 
npoToxona TCP/IP. Ecnn bh xoTMre, hto6w cm- 
crewa cawa naerpoMna cereBbie napaMerpu, 
cepaep nonbiraercn nonynMTb IP-aApec c cep- 
Bepa DHCP. Ecnn cepaepa DHCP anoxanbHOM 
cerM Her, to CMcrewa cawa aapeaepBMpyer IP- 
aApec Ma panee onpeAenennoro Ananaaona. 

UJar 13. EcnM >xe Ha npeAbiAyrAew arane 
Bbi BbidpanM He «Typical», a «Custom», ro 
Baw npMAercn HaerpoMTb cepeep Ann pa6o- 
Tbi B noxanbHOM cerM apysnyx). » 
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» B 3TOM OKH6 Bbi6npaeM «Internet Protocol 
(TCP/IP)», noc/ie nero HawMMaeM K/iaBumy 
((Properties* n bboamm AaHHbie. 



npeAnonorKMM, HTo bh nbiraerecb ycraHo- 
BMTb cepBep B noKanbHOM cein rKn/ioro Aowa 
vim He6o;ibmoM (|)MpMbi. B 3tom cnynae Baw 
AoruKeH 6wTb naBecieH AnanasoH cereBwx 
aApecoB M MacKa noAcern. ilepBbie rpn none 
IP-aApeca n nacKa noAcern ao/dkhw coBna- 
Aaib y Bcex KownbiOTepoB noKanbHOM cern, 
TonbKO noc/ieAHee none AonwHo 6birb ynn- 
KanbHbiM. VsHaTb IP-aApec (b tom nncne 
CBo6oAHbm) M MaCKy noACern mowho, bu- 
nonHMB na ApyroM Mamnne, BxoAniAeii b 
ceib, KOMaHAy ipconfig /all. 



y aAMMHMCTpaTopa nywHo yanarb aApec 
MapinpyinaaTopa Bameii cern n yKaaaib ero 
B KanecTBe mnroaa no yMonnannio (Default 
Gateway). Ecnn MapinpyrnsaTopa b cern nei, 
TO neoGxoAMMo yKaaaTb aApec cepBepa npo- 
BawAepa. Ecnn n nHTepneT-npoBafiAepa hot, 
TO nyrKHo ocTaBMTb 3TO none nycTbiM. 

Appec DNS-cepaepa Bameri ceTM nyrKHo 
yxaaaTb b none ((Preferred DNS server* (npeA- 
noHMTaeMbiii DNS-cepeep). Ecnn 3Toro cep- 
Bepa B ceTM neT, TO nywHo ocTaBWTb none 
nycTbiM. B AanbueiiiijeM bw CMorxeTe ycTano- 
BMTb DNS na 3tom we cepeepe, yxaaaB ero IP- 
aApec K3K ((127.0.0.1*. 

Ecnn B ceTM ecTb m MapiupyTnaaTop n DNS- 
cepBep, HO Bbi He anaeTe, xax paaAoGbiTb 3 Ty 
MHcfropMapMio, BbinonHMTe na ApyroM KOMObw- 
Tepe KOMaHAy ipconfig c napaMecpoM /all. 


lUar 14. Tenepb yKaweM, b coctbb kbkom 
paOoHeM rpynnbi 6yAeT BKniOHeH cepBep. 3to 
AenaeTCfi b cneAyrotAeM okhc. 



Ecnn B ceTM ywe ecTb paOoHan rpynna, ne- 
oGxoammo yxaaaTb ee mmb. Ecnn neT, to nyw- 
Ho npMAyMBTb HOBoe. Ha 3tom MHCTannnriMn 
aaBepmena. Ha onepeAM APyran aaAana — 

HaCTpOMKa CMCTeMbl. 

HOBOe MMB, HOBOn pOBb 

flepBoe AenoM cobabahm nonbaoBaTenn 
c MMeneM, oTnMHHbiM OT Administrator. 

BbidepeM aneMeHT Memo ((Start ^ 
Administrative Tools ^ Computer Mana- 
gement*. flocne 3Toro na 3Kpane nonBMTcn 
cneAyKTigee okho: 



B OKHe ynpaeneHMSi KoivinbioTepoM mo>k- 
Ho cosAasaTb noabsoBaTe/ieii h rpynnbi 


flonbaoBaTenb, KOToporo mh xotmm coaAaTb, 
AonweH 6biTb BKnioHeH b rpynny aAMMHMCTpa- 
TopoB. flnn coaAaHMB nonbaoBBTenn, npaBoii 
KHonKOM MbiiuM igenKaeM na aneMeuTe ((Users*, 
aareM BbiOnpaeM aneMeuT ((New User*. B no- 
BBMBmeMcn OKue bboamm Aannwe HOBoro 
nonbaoBaTenn m ero naponb. CeMuac naponb 
MOWHO BBeCTM CaMOCTOBTenbHO. OAHaKO B Tex 
cnynanx, kotab 6yAyT coaAaBaTbcn aanncM pjin 
peanbHbix nonbaoBaTenen, wenaTenbHo, hto6w 
K awAbifi BBOAMn cbom naponb caMocTosTenbuo. 
B 3TOM cnynae naponb nonbaoBaTenn ne dyACT 
MaBecTen Aawe aAMMHMCTpaTopy. 

Tenepb neodxoAMMo BKniOHMTb hoboto 
nonbaoBBTenn b rpynny. 

► BbidupaeM ((Properties* Ton bko hto 
coaAaHHoro nonbaoBBTenn. 


► B onepeAHOM noBBMBmeMCfi OKue bw6m- 
paeM BKnaAKy ((Member 0f», a na neii hbwm- 
MaeM KHonxy ((Add...*. 

► B noflBMBmeMcn oKue HawMMaeM KHonxy 
((Advanced*, aareM b onepeAHOM oKue wmbm 
KHonKy((Find Now*. BbidpaB nywHyio rpynny, 
HawaTMeM KnaBMiuM «0K» AodaBnneM nonbao- 
BBTenn b 3 Ty rpynny. 

CoaABTb rpynny m BKnioHMTb b nee nonb- 
aoBBTeneM oneub npocTo. HawMMaeM npa- 
BOM KnaBMiueM MbiiuM Ha aneMeHTe ((Groups* 
(ue ((Users*), aaceM oTBenaeM ua Bonpocu. 

flonbaoBaTenM MoryT oAHOBpeMeuHo dbiTb 
HneuaMM uecKonbKMX rpynn. Ecnn uywHO, 
HTodbi nonbaoBBTenb, BKnroHeHHbiM b oAuy 
M 3 rpynn, CTan HneHOM TonbKO hto cotaumhom 
rpynnbi m HMKaKoii donbine, hboOxoammo CHa- 
nana cAenaTb nonbaoBBTenn nnenoM TonbKo 
HTO C 03 A 3 HH 0 M rpynnbi, a nOTOM MCKniOHMTb 
ero M 30 Bcex ocTanbHbix rpynn. 

(pyHKpMM, KOTopbie MowoT BbinonHfiTb Cep- 
Bep, B TepMMHonorMM Microsoft HaawBaiOTCJi 
pOnnMM. 1/1 HB 3TOM 3T3ne HBM HeodxOAMMO 
onpeAenMTb, kbkmb ponM 6yA6T MrpaTb TonbKO 
HTO MHCTannMpOBBHHblM HBMM CepBCp. 

flnn AodaBneHMfi cepaepy KaKoii-To ponM 
McnonbayeTcn tbkob cpeACTBo, kbk ((Configure 
Your Server Wizard*. OdpaTMTbCfi k HeMy mow- 
Ho BbidpaB aneMeHT ((Start ^ Administrative 
Tools ^ Configure Your Server Wizard*, flocne 
HecKonbKMx HawBTMM KHonKM ((Next* Ha oto- 
dpaweHMM noBBMTCfl okho, coAepwaigee cnn- 
coK peanMayeMbix cepaepoM ponen. 

Bbidpaa b 3tom okho neodxoAMMbie cep- 
aepy ponn, ecTecTaenno, nywHo mx npaanna- 
Ho CKOHcjjMrypMpoaaTb. Ho o6 3tom penb noii- 
AeT B cneAyioiAMX CTaTbnx. 

■ ■ ■ Mjibd IIoropeJibTM 



BK/noHeHne nonbaoBare/in b OAHy ms 
rpynn, cyiAecTByioii(iix hb KoivinbioTepe 
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MHCTA/1/1$1UM$) Vi HACTPOMKA 


c;iy>K6a k a t a ;i o r a Active Directory 



C;iyx6a 

nepenMCM 


B HacTOJimee epeMa Active Directory nB/ineicn peHipa/ibHbiM KOMnoHeH- 
TOM nnaicjDopMbi Windows. B OC Windows Server 2003 ona npnodpena 
HOBbie ycoBepiaeHCTBOBaHHbie bosmokhoctm kbk c tomkh speHnn ynpaB- 
neHun oOteKTaMn, laK m ctohkh speHnn BsanMOCBnsM ceieBoPi cpeAbi. 


n oTpe6HocTb B LteHTpannaoBaHHOM 

XpaHeHMM MH(J)OpMaL(MM o6 o6teKTax 
pacnpeAeaeHHbix ceieii m mx cbom- 
CTBax 6bma peaanaoBaHa KOMnaHneii 
Microsoft B BMfle c/iy>K6bi Kara/iora Active 
Directory (AD), BnepBbie nofiBMBiijeMCJi b one- 
papnoHHOM CMCTene Windows 2000 Server. 

Hto we npeACTaB/iaeT coOoii cnywOa Kara/io- 
ra? 3 to xpannnmAe Aannsix, ncnonbsyeMoe 
A/in AOCTyna k nncfiopMaAMM o6 oOteKTax 
(nojibaoBare/iM, KOMObiOTepbi, AOMenw n t. a-)' 
MX CBOMCTBax, a TaKwe Ana oOecneneHna 
caywO ayTeHTMtjJMKapMM m OesonacHocrn. Cto- 
MT 0C060 noAHepKHyib, HTO AD BB/iaeTca ne 
TOnbKO MH(J)OpMaL(MOHHblM peCypCOM, HO M 
wexaHMSMOM, nocpeACTBOM Koroporo aAMMHM- 
CTpaTopbi M nonbaoBareaM mmoiot bosmow- 
HocTb oOpaiAaTbCfl K 3TOM MH(|)opMaL(MM. Heo6- 
xoAMMo oTMeTMTb, HTO Active Directory He pa- 
OoTaeT Ha Windows Server 2003 Web Edition. 


HasHaneHiie 
cny)K6bi Karanora 

Ec/ 1M CeTb COCTOMT M3 fleCflTKa KOMnbK)TepOB M 
AByx-Tpex npMHTepoB, aflMMHMCTpaiop cnoco- 
6eH yflep>KaTb bcio Heo6xoAHMyK) MH(J)opMa- 
L^MK) 0 H6M y ce6fl B ro.noBe. Ec.hm >Ke ceib — 
3TO c.no>KHa?i cTpyKiypa, o6'beAHHfliomaB b 
CB oeM cocraBe 3HaHHTe.nbHoe Hnc.no AOMeHOB, 
AecBTKM pacno.no}KeHMM htncahm no/ib30Ba- 
T6.neM, Heo6xOAMMOCTb Ha.HMHMfl AeHTpa.HM30- 
BaHHOM MH(})OpMaAMOHHOM CMCTCMbl CTaHOBMT- 

cn oneBMAHOM. C/iy>K6a Kara.nora no3Bo.nfleT: 

► o6ecneHMBaib eAHHyra CMcrewy perMcrpa- 
AMM B ceiM (Mcno/ibayn CBoe pemcTpaAMOH- 
Hoe MMfi M napo.nb, no.nb30BaTe/ib no.nyHaeT 
Aociyn ko bcbm pecypcaw ceiM HeaaBMCMMo 
OT MX pacno.no>KeHMfl); 

► o6ecneHMBaib Tpe6yeMbm ypoBeHb 6e3o- 
naCHOCTM C6TM A-Hfl aaiAMTbi OT HeCaHKAMOHM- 
poBaHHoro AOCTyna, Mcno.nb3yfl BCipoeHHbie 


» 
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» B Active Directory cpeAcrea ayTeHTH(|)MKa4MM 
M ynpaB/ieHMB flocrynoM k pecypcaw; 

► ocymecTB/iBTb peHTpannaoBaHHoe ynpaBae- 
Hue BcewM pecypcaMM cern, mnpoKo ncno/ib- 
aya laKne nHcrpyMeHTbi, kbk rpynnoBwe no- 
nuTMKM, B c/iynae Heo6xoflHMOCTM Ae^ernpya 
pyTMHHyio aAMMHMCTpaTMBHyio pa6ory Han6o- 
nee onwTHbiM nonbaoBare/iJiM; 

► noAAep>KMBaTb TeKyiAyK) MH(|)opMaAMK) o 6 
o 6 teKTax cein, o 6 jierHaB rew caMWM Aocryn 
K 3 TMM o 6 teKTaM M MX CBOMCTB3M; 

► pacnpeAenjiTb Karanor MewAy HecKonbKMwn 
cepBepawM (KOHiponnepaMM AOMena) b ceiM 

c noMoiAbK) cny>K6bi pen/iMKapMM, o6ecneHM- 
Baj) ero AocrynHocTb m oTKaaoycTOMHUBocTb, 
a raxwe cHMrKan cereByio Harpyaxy. 

OcHOBHbie noHnTMn 

Active Directory 

ripe)KAe HeM nepeMiM k npaxiMHecKOMy paa- 
BepTbiBaHMK) Active Directory, Heo6xoAHMo 

OaHaKOMMTbCfl C ee 6aaOBblMM nOHBTMBMM 
M crpyKTypoM. Kaianor coctomt Ma aneneH- 
TOB (entry), npeACTaBnnroiAMx co6ok 5 Ha6op 
MHCjjOpMapMM MnM aTpM6yTOB, CBBaaHHbIX 
c peanbHbiMM o6i3eKTaMM ceiM. 06i3eKTaMM 
Karanora Active Directory Moryr aenjiTbCB 
nojibaoBarenM, rpynnw, KOMObioTepbi, npuH- 
repbi (m Apyroe o6opyAOBaHne), AOMeHw, 
opraHMaanMOHHbie noApaaAeneHMB (panee 
on) M npaBMna nonMTMXM 6eaonacHocTM. 

DneneHTbi xaranora opraHMaoBaHw b bmao 
M epapxMHecKOM crpyKTypbi (AepeBa). SneMen- 
Tbi, HaxoAJUAMecJi 6nM)Ke k xopnio AepeBa, 
o6biHHo npeACTaBn?iK)T co6oii 6onee cnowHbie 
o6'beKTbi (nanpMMep AOMenw m noApaapene- 
hmb), aneMeHTbi na BeiBBx aroro Aepeaa 
(riMCTbfi) — 6onee npocTwe o6beKTbi: no/ibao- 
BarenM, ycipoMCTBa, KOMnbroTepbi. rioAo6HaB 
cipyKTypa Karanora Morner 6birb onMcaHa 
B repMMHax npocrpaHCTBa mmoh. flan onpepe- 
neHMfl npocrpaHCTBa mmoh m mx paapemeHMB 
B AD Mcnonbayercfl cornameHMe o6 MMenoBa- 



HMM DNS, HTo o6ycjiaBnMBaer recHyio MHrerpa- 
AMK) cny>K6bi DNS c Active Directory. 

flocryn k o6beKTaM b Active Directory 
OCHOB3H Ha McnojibaoBaHMM npoTOKona LDAP 
(Lightweight Directory Access Protocol, o6- 
nerHeHHbiii nporoKon c/iy}K6bi xaranoroB). 

Oh BBnBercB MexaHMSMOM oOnoBneHMs MHcfiop- 
MapMM, aanpocoB m onpeAeneHMfi oObeKroB 
B Karanore. KawAbm oOteKT b Active Directory 
npeAcraeneH cbomm paa/iMHaioiAMMCfi MMeneM 
(distinguished name) LDAP. 3ro mmb ynuxa/ib- 
HbiM odpaaoM MAeHTMtjJMpMpyer odteKT (6yAb 
TO nonbaoBare/ib mvi aomoh) b xaranore. Ha- 
npMMep, paanMHaK)iAMMCB MMeneM Ann nonbao- 
Barenn Sergey, BxoAniAsro b noApaaAeneHMe 
Sales AOMeHa organization. local, 6yAer cneAy- 
loigan KOHcrpyKAMn: 

CN=Sergey, 0U=Sales, DC=organization, 
DC=Local. 


/lorMHecKan crpyKrypa Karanora Active 
Directory BK/noHaer b ce6n cneAyraiAMe 
3/ieMeHTbi: 

AoMeH — nomnecKM oerjeAMHeHMan rpyn- 
na cereBbix nonbaosareneM m KOMObioTe- 
poB, Ann KOTopoPi noAAeprKMBaercn eAMHan 
nOJlMTMKa aAMMHMCrpMpOBaHMH M 6e30- 
nacHOCTM. 

flepeeo — Ha6op aombhob, Mcnonbsyio- 
LAMX CBnaaHHbie npocrpaHCTBa mmbh. 

/lec — Han6ojiee KpynHan crpyKrypa b 
A ctive Directory, oebieAMHmoLAaH Aepesba, 
noAAep>KMBaioLAMe eAMHyKa cxeMy (onpeAe- 
neHMH OOTieKTOB M MX cbomctb). 

KoHTeiiHep — oneHb Ba>KHoe noHHTMe 
B AD. XoTH OH M HBnnercH no/iHonpaBHbiM 
oS’beKTOM Karanora m nacrbto npocrpaH- 

CTBa MMOH, C HMM HO M0>KeT 6blTb COHO- 
craBneH KaKOM-nM6o cPmbmhockmm oOraeKT. 



PaanMHaioiAeecfl mmh LDAP coctomt ms 
rpex rnaBHbix aneMBHroB: 

CN — odigee mma (Common Name), mmh o6b- 
exra b Active Directory; 
ou — on, MMfl noApasAeneHMn b Active 
Directory (odparMre BHMMaHMe, hto Ann 
BcrpoeHHbix KOHreMHepoB, tbkmx kbk «Users», 
MorKer McnonbsoBarbcn CN= bmocto 0U=); 

DC — AOMCHHan nacrb mmohm (Domain 
Component), DNS-mmb AOMena, b KoropbiPi no- 
MeiAen odbeKT, pasAeneHHoe Ha nacTM, coor- 
BercTByioiAMe KarxAOMy ms ypoBneii nepapxMM 
AOMBHOB, HauMHan c HM>KHero ypoBnn m saxan- 
HMBan BepxHMM (b HameM cnynae npeAcraane- 
na AByxypoBHBBan AOMBHHan crpyKrypa). 

flpyrMM cnocodoM onpeAsneHMn odtexTOB 
B Active Directory nBnnxrrcn oTHocMrenbHbie 
paanMHax)iAMecn MMena (relative distin- 
guished name). OrHocMrenbHoe paanMHaxriAe- » 


KoHTeMHep npeAcraenner co6oPi ronuKO 
norMHecKyx) oSononxy Ann rpynn oOtexTOB 
M APyCMX KOHTeMHepOB. 

OpraHMsapMOHHoe noApasAeneHMe 
(OH) — KOHTePiHep, noMoraxru^MM rpynnM- 
poBarb o6r>eKTbi Ann penePi aAMMHMcrpM- 
poBaHMn M npMMeHBHMn rpynnoBbix nonM- 
TMK. on cyuiecTByxjT ronbxo BHyrpM aomo- 
HOB M Moryr o6r>eAMHnrb oS’bexrbi ronbKO 
M3 CBoero AOMeHa. 

rno6a/ibHbiM Karanor — xpaHMnMu^e mh- 
cpopMapMM 060 Bcex oOTjeKTax, cyu^ecTBy- 
K5LAMX B necy AD. 

KoHTponnepbi AOMeHa — cepBepw w2k3, 
xpaHHU^Me peAaKTMpyeMyx) koumk) Karano- 
ra (pennMKy) AD. 

CaiiT — noA caMTOM noHMMaercn rpynna 
TCP/iP-noAcereM, MerxAy KoropbiMM ocyu^e- 
CTBnHerCH BblCOKOCKOpOCTHan CBH3b. 


B 


rjioccapHM 


3jieMeHTbi crpyKTypbi Active Directory 
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» ecn MMJi — 3T0 6onee kopotkmm nyib onnca- 
HMji o6i3eKTa, npMMeHjieMbm b tom c/iynae, 
ec/iM M3BecTHo, KBKOMy KOHTeiiHepy npnnaA- 
ne)KMT o6beKT. 

PasBepTbisaHiie 
Active Directory 

HepeMAeM HenocpeACTBeHHo k pasBepibiBa- 
HMK) Active Directory. ByAeM ncxoAMib m 3 
npeAnocbmKM, hto y nac ecTb necKo/ibKo 
KOMObrorepoB, oBteAHHeHHbix b HeBoabrnyro 
noKanbHyio cerb, cocraB/iBioiAyio paBonyro 
rpynny. Ha oahom m 3 KOMnbioTepoB (m/im na 
HecKoribKMx) ycraHOB/ieHa oneparinoHMafi cm- 
cieMa Windows Server 2003 Enterprise 
Edition (b Aa/ibneMmeM w2k3). ilpeAnono- 
)KMM, HTO npeASapHTe/IbHO B 3TOii CeTM He 6bl- 
m ycTaHOBneHbi cepBepu DNS m DHCP. 

ripoaHa;iM 3 MpoBaB noTpedHocTw HameM 
OpraHM 3 aAMM M TpeOoBaHMB no aAMMHMCTpM- 
poBaHMio M OeaonacHocTM, mw pemn/iM oOte- 
AMHMTb KOMHblOTepbl B OAMH AOMBH, MCHOnb- 
3yji Ham cepaep b xanecTBe KOHTponnepa 
AOMena (A.nfl peanMaapMH mhothx npewMy- 
lAecTB Active Directory b AOMene ao/dkho 
yCTaHaBHMBaTbCB KBK MMHMMyM ABa KOHTpon- 
nepa AOMena), co3AaTb Aaa opraHMaapMOHHbix 
noApasAeneHMfi Sales m Marketing m noMe- 




CTMTb B HMx nonbaoBBTeneM, mcxoasi m3 bw- 
noriHfleMbix mmm cfryHKAMOHanbHbix oOnaanHo- 
CTeii. KpoMe Toro, b Oil Marketing mw co3A3- 
AMM BnowenHoe Oil Printers m pasMecTMM b 
HeM ycTBHOBneHHbie b Hameii cerw npMHTepbi. 

Ann KOHcJjMrypMpoBaHMB cepaepa boc- 
noribayeMCB MacTepoM Configure Your Server 
Wizard. Oh MoweT 6biTb aanyigen H3 okhb 
«Manage Your Server* BwOopoM ohamm «Add 
or remove a role». Ero Taxwe mowho 3anyc- 
TMTb M3 MeHK) «Start -> All Programs -> 
Administrative Tools*. Macrep ycTanoBKM 
Active Directory — Active Directory 
Installation Wizard — BBaneTCfi nacTbio 
MacTepa Configure Your Server Wizard. 

flocne npoBepKM cereBbix uacrpoeK npeA- 
naraeTCB BuOpaTb ponn, KOTopwe 6yAeT 
McnonHBTb Bam cepaep. Bw6epeM ongMio 
«Typical configuration for a first server* 

(pnc. 1), no3BormK)iAyK) npoBecTir oAHOBpe- 
MeHHyK) ycTanoBKy na KOMUbroTep cepeepoB 
DNS M DHCP, AoOaBMTb po/ib nepBoro KOHTpon- 
nepa AOMena m ycTanoBMTb Active Directory. 

HaaoBeM cosAaBaeMwii aombh organiza- 
tion. local, nocne Hero eMy 6yAer npncBoeno 
MMB NetBIOS (pnc. 2), 3aTeM BwOepeM onAirio, 
aanpeigaioiAyio cepeepy DNS AenaTb nepe- 
aApecaAMK) aanpocoB, nocKo/ibKy ne nnauM- 




pyeM noKa paapemaTb MMena Bue namero ao- 
Mena (pnc. 3 ), m Macrep cooOiamt hbm o bh- 
OpaHHbix KOMnoHeHTax Arm ycranoBKn. 

B cneAyioiAeM oKue npeAnaraeTca BwOpaTb 
paapemeHMB no yMonnaHMio Arm oOrjexTOB 
«Users» M «Groups». flocKonbKy nam cepaep 
BBnBeTCB cepaepoM w2k3, BwOnpaeM BTopyio 
M3 npeAnorxeHHbix ohamm — «Permissions 
compatible only with Windows Server 2000 
or Windows. Net Server operating systems* 

(pMC. 4). flocne onpeAeneHMn naponn Ann 
BoccTaHOBneHMn CMCTeMw (pMC. 5) Macrep 
Active Directory Installation Wizard eige paa 
noKaabiBaer BbihpaHHwe ohamm, m HarnaTMeM 
KHonKM «Next» mbi aanycxaeM ycTaHOBxy 
Active Directory. 

ynpasneHiie o6'beKTaMii 

VcTaHOBKa AD Ha cepeep AobaenneT na 
BKnaAxy «Administrative Tools* MHCTpyMen- 
Tbi: «Active Directory Domains and Trusts*, 
«Active Directory Sites and Services* m 
«A ctive Directory Users and Computers*, flo- 
cneAHMM Mcnonbayercn Arm ynpaBneuMn 
nonbaoBarennMM, KOMUbiOTepaMM, rpynnaMM 
OeaonacHocTM m APyruMM obteKTaMM b AD. 

Ha neaoM nanenM 3 Toro npunorKeuMn bw yan- 
AMTe cTpyKTypy AD, cosAanubifi aombh organi- » 
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» zation. local m MaxoA^mnecji b new BcrpoeH- 
Hbie KOHTeiiHepbi (puc. 6). HepeiiAeM k 
C 03AaHMK) 3an;iaHMpoBaHHOM cipyKTypbi ao- 
M6Ha. riocKo/ibKy npneMbi co3AaHMji m ynpaB- 
JieHMJI ;iK)6blMM o6T3eKTaMM C nOMOlAbK) 

«Active Directory Users and Computers* ao- 

BO/IbHO CXO)KM, paCCMOTpMM MX HA UpMMepe 
padoTbi c on M nojibsoBarenjiMM. ItlenKHeM 
npaBoii KHOHKOM MbiujM y3en AOMena organi- 
zation. local B AopeBe Karanora n BwdepeM m 3 
nonBMBmerocji mohio oolimk) «New», a 3aieM 
((Organizational Unit* (pnc. 7). HaaoBew 3 to 
on Sales, M noc/ie HarKarnji KHonxM ((0K» oho 
nonBMTCfi B AepeBe Karanora HMwe yana ao- 
Mena. AnanorMUHO C03AaAMM On Marketing. 

noKa 3TM KOHTeMHepbi nycTbi. noweciMM b 
HMx nonb30BareneM. flnn 3Toro ipenKHeM npa- 
Boii KHOHKOM MbiiuM HywHoe noApaBAO/ieHMe 



3BOJiiOMMOHHoe pasBMTMe 


HoBbie B03M0XH0CTH 


Ann Tex, kto y>Ke paSoian c Active Directory 
B Windows 2000, 6yAei HeOesbiHiepecHO 
ySHaib o HOBbIX B03M0>KH0CTHX AD B W2k3. 
3 tm HOBbie cpyHKpMM Ae/iHTCH Ha AOCTynHbie 
B CMemaHHOM pe>KMMe {kotab He Bce koh- 
Tpojinepbi AOMeHa paOoTaKDT noA ynpaane- 
HMeM Windows Server 2003) m Ha Aocryn- 
Hbie B OCHOBHOM pe>KMMe (KOPAa BCe KOH- 
Tponnepbi AOMena — w2k3). Bot chmcok 
B 03M0>KH0CTeM Active Directory, AociynHbix 
Ha nio6oM KOHiponnepe AOMena noA yn- 
paBneHMeM ashhom OC: 

► npeAycMOTpeH BwOop HecKO/ibKMX nonb- 
BOBaie/ibCKMX yneTHbix oanMceM Ann oaho- 
BpeMeHHoro M3MeHeHHH mx cbomctb; 

► noAAep>KMBaeTCH nepeMeipeHMe oahoto 
MHM HeCKO/lbKMX OOteKTOB AD C HOMOlAblO 
cpyHKpMM Drag & Drop b HOBoe pacnono>Ke- 
HMe B AepeBe Kaianora; raK>Ke mo>kho 



M BbiOepew M3 KOHTeKCTHoro MeHK) CHanana 
((New*, a aarew «User» (pMc. 8). 3anonHMw 
noflBMBmeecji okho cbomctb no/ibaoBaTenn 
(pMc. 9), ycTBHOBMM pj\!\ Heco napo/ib 
(pMC. 10) M, npOBepMB 3TM CBeASHMS, Ha>KMeM 
KHonKy ((Finish*. UpoAenaB 3Ty onepaAMio 
HecKOHbKO paa, wbi paawecTMM Bcex no/ibao- 
BATeneM b cooTBOTCTByioiAMe noApaapeneHMs. 

Tenepb, ipe/iKHyB npaeoM khohkom MbiiuM 
oAHoro M3 nojibaoBaTeneM m Bw6paB BK/iaAKy 
((All Tasks*, oaHAKOMMMCfi ctomm aaAanaMM, 
KOTOpbie MOWeT BbinOnHflTb c Heii aammhm- 
CTpaTop (pMC. 11). 

KoHTeMHepbi AD AonycKaiOT AoOaBneHMe 

AOHepHMX KOHTeMHepOB, n03T0My He COCTaBMT 

6onbiiJoro TpyAa coaAaTb 00 Printers, eno- 
wenHoe b noApaaAenenMe Marketing, m paa- 
WeCTMTb B HeM CBTeBbie npMHTepW (pMC. 12). 



SoKnioHeHiie 

Active Directory sene eTCH neHTpa/iMaosaH- 
HbiM xpaHunMipeM MHcfiopManMM o6 oOteKTax 
ceTOBOM cpeAbi m o6ecneHMBaeTyAo6Hbie m 
HaAe>KHbie cpeACTBa Ann noMCKa m Mcnonbao- 
BAHMs 3TMX CBeA6HMM. CpoACTBa 6e3onacHo- 
CTM MHTerpMpOBAHbl B AD HOCpeACTBOM OAM- 
HOM cMCTeMbi ayTeHTM4)MKaLiMM no/ibaoBaTeneii 
M MX aBTopM3aL(MM, a TaK)Ke peHTpa/iMaoBaH- 
Horo KOHTpo/in AocTyna k oObeKTaw Kara/iora. 
AAMMHMCTpaTOpbl nO/iyHAIOT B03M0)KH0CTb 
ynpaBHHTb Bcefi ceTbio c /iio6oro KOMnbioTepa, 
a aBTopMaoBAHHbie nonbaoBATenM — Aocryn 
Ko BceM paapemeHHbiM cereBbiM pecypcaM. 
klHCTpyneHTbi ynpaBneHMfi noaBOjunOT npocTO 
M 3(J)(|)eKTMBHo pemaTb aaAaHM no coaAaHMio 
M ynpaB/ieHMK) oOteKTawM AD. 

■ ■ ■ rpviropMM EpeMeHKO 


Active Directory b Windows Server 2003 


npoAocTaensTb o6beKTaM nneHCTBO b rpyn- 
ne, npocTO nepeTacKMBan mx Ha M3o6pa>Ke- 
HMe 3T0M rpynnbi; 

> noMCK oObeKTOB Tenepb MomeT ocyipe- 
CTBnHTbCH c HOMOLAbKi 3anpoca 6e3 npo- 
CMOTpa, HTO yMeHbmaeT ceTeBoPi TpacpMK; 
b B ocHacTKe "Active Directory Users and 
Computersii AoOaBMJiacb cpyHKpMH aanncM 
HaMdonee nacTO McnonbsyeMbix sanpocoB 
A/ifl MX noBTopHoro odpaipeHMS k hmm; 

; noHBMnacb B03M0>KH0CTb ynpaBneHMH 
AD c noMOLAbK) yrM/iMT kombhahom ctpokm; 

► npeAycMOTpeHO KsiuMpoBaHMe HneHCTsa 
b rpynnax (ycKopmoipee perMCTpaqMio 

B CeTM), npM KOTOpOM MHCpOpMapMH 06 yHM- 
BepcajibHOM HJieHCTBe no/ibsoBaTeneM 
B rpynnax coxpaHeeTce Ha BbinonHstoiAMX 
ayreHTMrpMKapMio KOHTponnepax AOMeHa. 
HoBbie B03M0>KH0CTM Active Directory Mac- 


LUTada AOMeHa m neca AOCTynHW to/ibko b 
OCHOBHOM pe>KMMe Windows Server 2003: 
i> npeAycMOTpeHO nepeMMeHOBaHMe koh- 
Tponnepa AOMena des npeAsapMTenbHoro 
noHM>KeHMH ero ypoBHS ao phaobofo cep- 
Bepa AOMeHa; 

> bo 3 mo>kho nepeMMeHOBaHMe niodbix ao- 
MenoB, MX DNS- m NetBiOS-MMeH (BK/noHan 
KopeHb Aepesa m KopHesoM aombh neca); 

> paCLUMpeHa AByXCTOpOHHHS TpaH3M- 
TMBHOCTb OdnaCTM BMAMMOCTM C OAHOTO 
neca Ha APyroM; 

> B03M0>KH0 nepeMeipeHMe cyipecTByioLAMX 
AOMeHOB B CTpyKType neca; 

> npeAycMOTpeHO OTKnioHeHMe HeMcnonb- 
syeMbix KnaccoB mom aTpMdyroB cxeMbi; 

B npopecce pennMKapMM Tenepb nepeAaeT- 
CH He penaa rpynna kbk eAMHMipa pennMKa- 
PMM, a OTAenbHbiM HneH rpynnbi. 
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HACTPOMKA 


flOCTyn K ceieBbiM pecypcaM 


06 LuecTBeHHoe 

AOCTOSIHIfe 


TeopMfl w npaKTMKa 


OaHOM M 3 OCHOBHbIX SBAAM npM C03AaHMM 

;ik) 6 om ceiM jiB/iyiercB npeAOcraB/ieHMe ao- 
ciyna k paa/iMMHbiw nporpaMMHbiM m anna- 
paTHbiM pecypcaM cgtm. BbiAe/ieHMe pecyp- 
ca A^^ coBMecTHoro Mcno;ib30BaHMji npM- 
HjiTO HaabiBaTb repMMHOM «sharing». 


J nn pa6 oTbi b cern Windows-MamuHW Bcerfla ncno/ib- 
30 Ba;iM npoTOKo/1 NetBIOS. Oh caw no cede ABnaeT- 
I J npMKnaflHbiM, a He rpancnopTHbiM, m flocraBKa 
naKeroB b new MaHanaJibHo npoMCxoflM/ia c;ieAyioiMHM o6pa- 
3om: KOMnbK)Tep-oTnpaBHTe;ib nocbinaer naKer Bcew o6nTa- 
renjiM ceiM (uiMpoKOBeipaTe/ibHoe coodipeHMe), m Bce, Kpo- 
Me KOMObtoTepa-nojiyHarejifl, ero MrHopwpyioT. Ochobom flne 
NetBIOS cnywMn TpancnopTHbiii nporoKOJi NetBEUI — ne- 
MapujpyTM 3 npyeMbm nporoKon (3a cner OTcyrcTBMfl ochobw 
cereBoro ypoBHji), Mcno;ib 3 yiomMM To/ibKo mnpoKOBema- 
renbHbie coodipeHHB. A NetBIOS — 3to cMCTewa mckjuo- 
HMTenbHo BBOfla-BbiBOfla MHtJjopMaLiMH (hto OTpa)KeHO M B 
Ha 3 BaHMM), a ne flocraBKH h^h ee KOHipo/iB. Ho™hho 6 bi;io 
6bi npeflnonoMMTb, hto flna ycneiiiHoii flocraBKH nH(J)opMa- 
pwM Heo6xoflHMo 3Haib aflpec no/iyHaTe/i 5 i. C flpyroM cropo- 
Hbi, flnfl HopMa/ibHoro (JjyHKpMOHMpoBaHMB TaKoro BJieMeHTa 
KOMObtorepHOM CMCTewbi, KaK no;ib 30 BaTe/ib, HeoOxoflMMO, 
HTo6bi KOMObtoTepw MMeJiH human-readabLe-nfleHTH(j)MKaTo- 
pw — MMena. A.^'f conocraBneHMfi hmbh KownbiOTepoB ce- 
TH Hx aflpecaw (paapemeHMe hmbh) b crapbix cerexTaKwe 
Mcno/ib 30 Ba/iocb mnpoKOBeiflaHMe — KOMObtorep «cnaMM;i» 
ceib, nbiiaflcb BbmcHMTb, KaKOMy aflpecy npwHaflne)KMT hma. 
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» TaKaji cxewa coaflaer mmhmmym abb npoSiieMw: 
6oabmafl HarpysKa na ceib m BosMowHocTb 
«npoc;iyujMBaHHfl» Bcex coo6iAeHnii b cern. 
Kpowe Toro, mnpoKOBemaTejibHbm werofl noa- 
Bo/ifieT KownbiOTepaM o6maTbcji lojibKo b paw- 
Kax oflHoii noAceiM bcjibactbub cbobm Hewap- 
mpyTuanpyeMocTM. nosB/ieHne b KanecTBe 
ipaHcnopTHbix npoTOKoaoB TCP/UDP pemnao 
npoSjieMy cBsan mbwav paa;iMHHbiMM ceraMH. 

CepBMC WINS 

WINS (Windows Internet Name Service) — 
nepe>KMTOK npomjioro, HacneAwe crapbix npo- 
TOKoaoB ceieii Microsoft, b ornnHne or DNS, 
KOTopan sB/ifleTca coapeweMHoii cncieMoii 
npeodpaaoBaHMS mmoh KOMnsHarepoB b IP- 
aApeca. Bee HbmeibHne onepapnoHHwe cn- 
creMbi McnonbayioT nweMHo ee. CncreMa WINS 
(oHa >Ke NetBIOS Name Service) — aro no 
cyan ocodeHHbiM DNS, «aaTOHeHHbm» noA 
NetBIOS. Heo6xoAMMocTb ncnonbaoBarb 
cepeep WINS nMeercji to/ibko npn nanmm 
B ceTM ciapbix CMcreM Windows 95/98/Me. 

Cny)K6a WINS aBnaercji, BeponiHo, npo- 
CTeiiiuMM na cepBucoB b HbmemHMx cerax. 
Hpopecc padoTbi cnywObi aaK/iroHaeTca b c/ie- 
AyioiAen: npn noAK/iroHeHnn k cein K/ineHT 
coeAMHJieTCJi c cepBepoM n aanpamuBaer pe- 
rucTpaAMio. CooTBeTCTByroiAee KnueHiy mma 
M ero aApec aanocaTca b 6aay AaHHwx cepBe- 
pa. rio aaBepmeHMM padorw KaneHTiaKrKe 
coodipaeT cepBepy o Heo6xoAHMocTM yAaae- 
HMfi CBoeri aanucn na 6aabi. KarKAbiii K/ineHi 
npn HeodxoAMMOCTM coeAnHeHna c Apyrnw 
ynacTHUKOM cern aanpamnBaer y cepaepa 
aApec 3Toro ynacTHnKa no ero nueHn. 

Ecan Bama ceib coctomt na necKonbKnx 
noAcereM, TO b Ka>KAoii na hmx neodxoAMMo 
ycTaHaBTiMBaTb CBoii WINS-cepaep, a nHane 
b CBJian c HeMapmpyTManpyeMOCTbK) mnpoKO- 
BeiAarenbHbix aanpocoB HeKoropwe crapwe 
itfineHTbi He CMoryi npaewribHO (|)yHKL(MOHMpo- 
BaTb. Me>KAy cepaepaMM, ecrecTBeHHo, AoroKHa 
6biTb coaAana CMcreMa penBHKauMM. B hobom 
MHK apHaAMM WINS noHBMnacb BoaMorKHocTb 
nocTOHHHoro coeAMHeHHB napTHepoB pennw- 
KapMM. BaaroAapa bkohomhm BpeweHM m pe- 
cypcoB Ha oTKpbiTMM M aaKpbiTMM ceccMii, 6 aabi 
AaHHbix paajiMHHbix WINS-cepaepoB naxoAfiTcn 
B 6 onee aKrya/ibHOM coctohhmm. Kpone roro, 
HOBan CMCTewa MAeHTMcfiMKaTopoB aepcMM 
aanwcM noaao/uieTTOHHo onpeAenjiTb aocto- 
BepnyK) HH(|)OpMaAMK) O COOTBerCTBHM MMeHW 
aApecy yHaciHMKa ceiM. 

PenriMKauMfl 6 aaw AaHHwx MewAy napine- 
paMM WINS npoMCxoAMT b rpex pewHMax: 


push, pull M push/puU — npweM, nepeAana m 
npMew/nepeAaHa cooTBercTBeHHo. B nepBOM 
cnyHae cepBep coodipaeTo hboOxoammoctm 
pen/iMKanMM m MaMeneHMH CBoeii 6aaw napr- 
HepaM. Bo BTopoM enynae cepaep nepwoAM- 
HecKM aanpaujMBaer MaMeHeHMfi y napinepoB. 
TpeiHii Twn KOMBwHMpyeT nepawe abb. 

VciaHOBKa cepaepa WINS, kbk m APyrux 
cepBMCOB Ha Windows Server 2003, npeA- 
CTaBaaer co6oii Ao6aB/ieHMe cooTBercTByio- 
ipeM pojiM Hepea kohcohs, m 3 tot npopecc ne 
npeACTaenaeT HMKaKoii c;io)khoctm (pnc.l). 
riocne MHCTa/iaflAMM cepeep WINS noanocTbio 
roTOB K paOore b craHAapTHbix yc/ioBMjix m ne 
TpeOyer AononHMienbHbix naerpoeK. 

CereBbie pecypcbi 

OaM/iOBbiM cepBep 

(PaiinoBbm cepaep, Kax c/ieAyer na HaaBaHwe, 
cnyrKHTAna xpaneHHfi m/im oOwena MH(|)opMa- 
AMM. 3 to MoryT 6wTb (Jraiinbi coBepmeHHo 
paaHbix TMnoB, ho lax m;im MHane Bce 3 to xo- 
aaiiCTBo aanuMaer rwraBafiTbi nawfiTM. B mc- 
nojibaoBaHMM auckobwx pecypcoB uriMeHTOB 
npocTo HeoOxoAMMo orpaHMUMBaib (cnoaec- 
Hbie yroBopbi, xax npaBM/io, ne noMoraror). 

B nepBOM )Ke Awaaore npn Ao6aB/ieHMM 
pojiM «File Server® nan onenb KCTarw npeAaa- 
raiOT ycTaHOBMTb kbotw na AncKOBoe npo- 
cipancTBo Ana noabaoBareaeM. OnpeAeaaa 
npeAea, mo>kho ycTanoBMib ypoaenb Mcnoab- 
aoBaHMfl, npM KoropoM KaMenr OyAei onoae- 
ipeH 0 HeoOxoAMMocTM HaaecTM nopaAOK b 
CBOM x (jjaiiaax. K cowaaenmo, neabaa yciano- 
BMTb KBOTbi HB paaaMHHbie AMpeKTopMM. Orpa- 
HMueHMe BbicTaaaaeTca na noabaoBaHwe ace- 
MM pecypeaMM b neaow. 

flaaee mo>kho ycTanoBMib cayrxOy wHAeK- 
caiAMM. 3 tot cepBMC KaraaorMaMpyeT coAep- 
WMMoe (jraiiaoB b «pacmapeHHbix» nauKax 
M noaBoaaer Obicrpee naxoAMTb nyrKHyio mh- 
4)opMaLiMK). flaHHaa caywOa cwabHo narpy- 
waeT cepaep m noaeana loabKo b tom caynae, 
ecaM BaujM KaneHTbi onenb nacTo noabayiOTca 
noMCKOM. B npoTMBHOM caynae oOaaaTeabHo 
oTKaioHMTe ee na BameM cepaepe. 

Ha nocaeAHBM 3Tane CMCTeMa npeAao>KMT 
CAeaaTb Kaxyio-HMOyAb nanxy oOiAeri. 3 to 

ABMCTBHe MO>KHO OCTaBMTb H3 HOTOM, HO KOH- 

coab ynpaBaenwa OypeT CHWTaTb poab (fiaMa- 
cepBepa HeaKTMBMpoBaHHoii, noxa ne no- 
aBMTca xoTa 6w oahb «pacmapeHHaa» nanKa. 
BnpoHBM, 3TO He MMeeT oco6oro anaHeHMa. 

OcHacTKa ynpaBaenwa c()aMaoBbiM cepee- 
poM BKaionaeT b ce6a aecb HeoOxoAMMWM na- 
6op MHCTpyMeHTOB Aaa MaHunyaaiAHii c o 6 iam- » 
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HACTPOMKA 

flOCTyn K ceieBbiM pecypcaM 



I B I » I 

Pmc. 1. /]Ha;ioroBoe okho MacTepa 
Ao6aBaeHHn cepBepy hobom po;iH 













Phc. 2. C o6utHMii pecypcaMH mo>kho 

npoBOAMTb pas/iHHHbie AeMCTBMfl 



» MM pecypcaMM, ceaHcawM m tom3mm flMCKa 
(pMC.2). riepBbiM A6J10M aar/iJiHeM b CBoiicTBa 
o6meM nanKM. C nepsoro BsmflAa oco6bix m3- 
MeHBHMM He saMeTHo. riepeMAeM na saK/iaAKy 
«Security» m bomasm b pacmMpeHHwe napa- 
Merpbi (KHonKa «Advanced»). 3Aecb mw bm- 
AMM Ao;iro>KAaHHyio 3aK;iaAKy «Effective 
Permissions)). C noMoiAbio sioro MHcrpyMeHTa 
renepb mw MorneM npocMorperb peanbHbie 
npaea nonbsoBaTe/ie m^m rpynnw na Aociyn 
K nanKe m/im (Jjaiiny c yneroM Bcex «HacneA- 
CTBeHHocieM)) (pnc. 3). 

B pasAsne ocHacTKM «Shares)) mw bmamm 
eme oaho HosmecTBo — cepsMC leHeBoro 
KonnpoBaHMB («Shadow Copies))). 3ra cm- 
creMa yHac/ieAOBaHa, ec/iM mo>kho rax Bbi- 
pasMTbce, M3 Windows XP m pacioMpeHa b 

B03M0)KH0CTJ1X. TeHBBOe KOOMpOBaHMO — 

3TO npospaHHafl Ane no/ib30BaTene CMcreMa 
apXMBMpOBaHMH ASHHblX. B COOTBBTCTBMM 
c pacnMcaHMeM coxpaHjnoTce «MOMeHTa/ib- 
Hwe CHMMKM)) odteKTa (HesaMeiHo p,ni\ 
nonhsoBarenji), a nojibsoBarenb npoAonrxaeT 
padoTaTb y>Ke c hobom BepcMeii. B Windows 
Server 2003 3ra CMCieMa nosBo/ieeT co3ab- 
BaibTOHKM B03Bpara B npeAWAyiMne BepcMM 
pecypcoB. flne noHMMaHMe paOorw CMcreMw 
CTOMT npMBecTM npMMep. 

Co3AaAMM Ha AMCKe oSmyio nanxy FILES, 
a B HeM npocTOM TeKCTOBWM (jjaiin. OixpoeM na- 



Henb «Configure Shadow Copies)), BwfiepeM 
3TOT amck m aKTMBMpyeM CMcreMy («Enable))). 
Cpasy nocne aKTMBariMM CAenaeM reneByio ko- 
nMK) AMCxa (KHonxa «Create Now))), ilocne 3to- 
ro CAenaeM nio6oe MSMenenMe b HaineM recro- 
BOM (|)aMne m chobb cosabamm reneByio kohmio. 
flnn nonyneHMe 6onee narnnAHOM xapiMnw no- 
BTopMM npopeAypy MaMeneHMe t|)aMna m co3Aa- 
HMfl reHM eme napy paa (pMC. 4). Elocne npoBe- 
AeHMJi 3TMX MaHMnynnuMM orxpoeM CBOMCraa 
recTOBoro nepea «Network Neighbour- 

hood)). Ha nanenM cbomctb mo)kho HadmoAarb 
HOByio saxnaAxy «Previous Versions)). Elonbso- 
Barenb renepb cnocodeH npocMorperb, ckohm- 
poBarb MnM BepHyrbcn k npeAWAyiMMM BepcMSM 
(Jraiina, ecnM norpebyercn (pMC. 5). ilpM rene- 
BOM KOHMpoBaHMM A^CKa npopeAype noABepra- 
lorcn Bce Aannwe b o6iamx nanxax. 

Hexoropwe roHxocrM. Tenesoe xonMpoBa- 
HMe npoM3BOAMrcfl ronbxo Ha bcbm roMe (amc- 
Ke). VcranoBKa KonMpoBaHMji Ann orAenbHOM 
nanxM HeB03M0>KHa. McnonbaoBarb «Previous 
Versions)) Moryrronbxo nonbaoBarenM c one- 
papMOHHOM CMcreMOM Windows XP m Bwine. 

Ha Windows XP npM aroM hooOxoammo ycrano- 
BMrb AononHMrenbHoe HO, naxoAniMeecn b am- 
pexropMM 7oSystemRoot\System32\ dients\ 
twclient cepBepa Windows 2003. 

HacrpoMxa cnyrKOw reneBoro KonMpoBa- 
HMn saxmoHaercfi b cneAyioiAeM: Ann xarKAoro 



roMa neoOxoAMMo ycranoBMrb MaKCMManbHwii 
pasMep AMCKOBoro npocrpancrBa noA koomm 
( jjaiinoB (MMHMMyM 100 MOarir) m 33Aarb nna- 
HMpoBiAMxy Hacrory KonMpoBaHMn. 

CneAyer eige saMerMrb, nro c()aMnoBbiM 
cepBep Microsoft Windows 2003 ynacneAo- 
Ban or CBoero npeAinecrBeHHMKa Windows 
2000 BCe OCHOBHWe B03MO>KHOCrM. Bw MO- 
>xere co3AaBarb nporpaMMHwe RAID-m3ccm- 
Bw (AMHaMMHecKMe M aepKanbHwe roMa), 
nonbsoBarbcn CMcreMOM aBroHOMHwx (Jjafi- 
noB, crpoMrb pacnpeAeneHHwe 4)aMnoBwe 
CMCreMW DFS m r. A- 

C/iy>K6a nenaTM 

Cny>K6bi nenarM Windows Server 2003 He 
MHorMM ornMHaiorcn or cnyrxO Windows 
2000. B HMcne ochobhwx MSMeneHMM orcyr- 
crBMe noAAepwKM nporoKona DLC (Data Link 
Control), KoropwM Mcnonbaoeancn crapwMM 
BepcMnMM npMHr-cepBepoB KOMnaHMM 
Hewlett-Packard; B03Mo>KHocrb coBMecrno- 
ro Mcnonb30B3HMn He ronbxo npMHrepoB, ho 
M (jraxcoB (oObeAMHeHMe cnyrnO); bo3mo>k- 
Hocrb ycranaBnMBarb ApaMBepw ycrpoMcre 
B perxMMe nApa c noMoigbio rpynnoBwx no- 
nMrMK (Ann aAMMHMCrparopoB). KpoMe roro, 
npoMSomnM Hexoropwe MSMenenMn b cro- 
poHy npoM3BOAMrenbHocrM m paanMHHwx 
MHrepcJjeMCHwx yKpameHMM. OcoOenno Ba>K- 
HWM coObirMeM B 3roM orHomeHMM crana 
recHan MHrerpauMn cny)x6 nenarM m cnyrx- 
6w IIS. BnaroAapn aroMy nenarb (ornpaBxa 
(JjaxcoB) M ynpaaneHMe eio cranM nonnocrbio 
AocrynHbi nepes Be6-MHrep(J)eMC. Bo3mo>k- 
Hocrb Point and Print — «KnMKHM m nanena- 
raii)) — no3Bonner nonbsoaarennM ycranaa- 
nMBarb npMHrepw oahmm xnMxoM. flpaMBepw 
Ann npMHrepoB rorxe mo>kho MHcrannnpo- 
Barb c Be6-cepBepa. CMcreMHwe bammhm- 
crparopw Moryr odoapeBarb cocronHMe 
npMHrepoB m c()aKCOB m ynpaBnnrb onepe- 
AnMM nenarM raxrxe m 3 Be6-MHrepc|)eMca. » 
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» ycTOHOBKa npHHT-cepeepa 

A renepb nepeMAew HenocpeACTBeHHo k 
ycraHOBKe npuHi-cepBepa {Ao6aB;ifleM po;ib 
«Print Server*). Ha nepeoM arane onpeAenn- 
ercji Heo6xoAMMocTb ycTaHaennBaTb ApaMse- 
pw Ann Bcex oneparinoHHbix cucreM ceMeii- 
CTBa Windows nnn TonbKO Ann Windows 
2000/XP. A Aa/iee npeA/iaraeTcn ycranoBnTb 
nepBbiii npMHTep, hto mw m cAe/iaew (pnc. 6). 
rioc/ie 3Toro b kohco/im «Manage Your Server* 
nojiBnjieTcn noBbrn nyuKT «Print Server* co 
ccbmKOM Ha Ao6aBneHne ApawBepoB. flo6a- 
BMM AononHMTenbHbie ApawBepbi Ann Apyrwx 
OC (pnc.7). Tenepb nonbaoBarenio He nywHO 
6yAer MCKaib ApafiBepbi b HHiepHere nm 
nmiJHMM paa TeppopnaMpoBarb cnywdy rexHM- 
HecKoii noAAepn<KM. flpawBepbi aBTOMaiMHe- 
CKM ycianoBjiTcn c cepaepa. B Kown/ieKi 
Windows Server 2003 bxoamt orpoMHoe ko- 
riMHecTBo ApaiiBepoB Ann 6onbmnHCTBa cy- 
lAecTByioiAMx na Aannem MOMenr MOAeneii 
ycTpoiicTB neHaiM. Ecnw bw ne Mcnonbayere 
npHHiepoB-HOBHHOK, TO 0 npoOnoMax noMCxa 
ApaiiBepoB m xpaneHHfl «na BcnKwii cnyHaii* 
MO)KHO He OeCnOKOMTbCfl. 

OCHOBHbIM MOWeHTOM B KOH(|)MrypMpOBaHMM 
npHHT-cepaepa ABnaeTcn HacrpoiiKa spooler 
(oHepeAn). npn;io)KeHMfl renepripyiOT m nocw- 
naror AaHHbie na npwHTep Owcrpee, new oh ne- 
HaraeT. fl/in roro htoOw paarpyanib no/ibaoea- 
TenbCKoe nporpawMHoe oOecneneHMe, AaHHbie 
aanwcbiBaioTcn na npwHT-cepBepe n noweiAa- 
lOTcn B onepeAb Ann nocneAyroLAeii nenaTM. 

3a CHei 3Toro yBenHHHBaercji Bpene BbiBOAa 
Ha nenaTb. Ecnw oTKaaarbcn or cosAannn one- 
peAH («Print directly to the printer*), to cko- 
pocTb nenaTM yeenHHHTcn, ho npn 3 tom aaMeA- 
nMTcn paOoTa nojibaoeaTenbCKoro npnno)KeHMfi 
(pWC. 8). CTaHAapTHbIM BapwaHTOM HaCTpOMKM 
spooler Ann oOiAero npwHTepa eenseTcn one- 
peAb c HeweAneHHbiM nananoM nenaTM Ao^y- 
MeHTOB («Start printing immediately*). 

flne onTHMMaariMM padoTW ceTeBwx npwH- 
TepOB MO)KHO MCnOJIbaOBaTb CMCTeMbI npM- 



i ^ \ I 

Phc. 7. Mo>kho yKaaaib AonoaHMTeab- 
Hbie ApaHBepbi Ann APymx OC 


opwTeTOB, a TaK)Ke nynw npnHTepoB. cpMaMHe- 
CKoe ycTpoMCTBo nenaTM MoweT nponaneTbca 
B CMCTeMe donee new b oahom aKaewnnnpe. 
yCTanOBMM OAMH M TOT we npWHTep ABaWAbI 
noA paaHbiMM MMenaMM. B cbomctbax oahoto 
aKaewnnapa BucTaBHM npMopnTeT «1», a bo 
BTopoM «2». Tenepb paapemHw oahom rpynne 
nonbaoBaTenePi AocTyn k nepBowy npMHTepy, 
a Apyroii — Ko BTopoMy. llpM OAHoapenen- 
HOM nenaTM nonbaoBaTenePi 3tmx AByx rpynn 
B nepByro onepeAb 6yAyT o6pa6aTbiB3Tbcn 
AOKyneHTbi na BTopoPi rpynnw. Tax xax npw- 
opwTeT MX npMHTepa Bbime. KowOMHupye 
ypoBHM npMopMTeTa, paanMHHwe rpynnw 
nonbaoBaTenePi m BpeMB AocTynHocTM npMH- 
TepOB MOWHO AodMTbCJl npMd/iMweHMJi K on- 
TMManbHowy pacnpeAeneHMio pecypcoB ne- 
H3TM. Kpowe Toro, c()MaMHecKMe ycTpoPicTBa 
MOWHO odbeAMHjiTb B nyjibi nenaTM (b npo- 
TMBononowHOCTb nepBOMy cnocody). 

ycTaHOBKa nyna nenaTM npoMaaoAMTcn 
c noMoiAbK) MacTepa Add Printer Wizard (wa- 
CTep ycTanoBKM npMHTepoe), b KOTopoM co- 
aAaeTcn HOBwPi npMHTep m aaTew b oKHe ero 
CBoPicTB (nyHKT «Properties» KOHTeKCTHoro 
MBHio) Ha BKnaAxe «Ports» HaanaHaeTcn ko- 
/IMHeCTBO nOpTOB BbiBOAa, paBHOe KO/IMHeCTBy 
ceTeBbix npMHTepoB, KOTopwe hboOxoammo 
odteAMHMTb b nyn. Elocne 3Toro neodxoAMMO 



oTMeTMTb (JjnawKOM onuMK) «Enable printer 
pooling* (pMC. 9). ElpuHeM CMCTewoPi ne or- 
paHMHMBaeTcn xonuHecTBo npMHTepoB b nyne, 
M nopTbi npMHTepa MoryT 6wTb OAHoro m^m 
paaHbix TMnoB (ceTeawe, nocneAOBaTenbHwe, 
napa/menbHbie). Ctomt OTweTMTb, hto Boa- 
MowHo odteAMHeHMe b nyn TonbKo MAeHTMH- 
HblX yCTpOpiCTB neHATM. 

ripM McnonbaoBAHMM nyjia nenaTM Bce odt- 
eAMHeHHbie b Hero npMHTepw oTodpawaioTcn 
cMCTewoPi K3K OAHO ceTeBoe ycTpoPicTBo, m 
npM nenaTM na Hero AOKyweHT oTnpaB/ieeTcn 
Ha TOT npMHTep, KOTOpWpi B AaHHbiPi MOMeHT 
CBodoAen. 3to noaBormeT yMenbujMTb Bpenji 
owMAaHMji nonbaoBaTeneM onepeAM nenaTM 
CBoero AOKyweHTa. 

HeBoaMowHo yanaTb aapanee, xaKoPi 
MMeHHo npMHTep nyna nonynuT tot m^m mhoPI 
AoxyneHT. EcnM b cbtm aKTMBMpoBana cnywda 
coodiAeHMPi Messenger Service, to no/ibaoea- 
Tenb, oTnpaBMBUJMPi AOKyweHT na nenaTb, aa- 
TOMaTMHecKM nonyHMT coodigeHMe, b KOTopow 
6yAeT yxaaaHo, hto nenaTb AoxyMeHTa awnon- 
Hena m oTodpaaMTcn nopT BwaoAa npMHTepa. 
Ecjim we Messenger Service ne ycTanoB/iena b 
aamePi cbtm, pexoMeHAyeTcn paaMecTMTb ace 
ycTpoPicTBa nenaTM b oahom (JjMaMnecKOM Me- 
cTe, HTO odnerHMT nonbaoaaTennM «pyHHoPi» 
noMCK CBOMX pacnenaTaHHbix AoxyMenToa. 

SoKnioHeHiie 

OnepauMOHHafi cucTewa Windows Server 2003 
npeA0CTaB.nfleT CMCieMHOMy aAMnnncTpaTopy 
LUMpoKMe B03M0>KH0CTM HO ynpaBneHMK) M op- 
raHMsaAMM pecypcoB oOmero Aocryna. V\x 
npaBM.nbHo npoBeAeHHafl HacrpotiKa no3Bo- 
nv\T noiib30BaTe/ifiM Obicrpo n atJjcJjeKTMBHo 
oOMeHMBaTbCfl pa3JlMHHOM MHCj)OpMaAMeM BHy- 
TpM ceiM M coBwecTHo Mcno.nb30BaTb ceieBbie 
annapaiHbie cpeAcraa, ne Meman Apyr Apyry* 

■ ■ ■ MBaH IlepneTyMOB 
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MM5I 


DNS — He pocKOLUb, 

a Heo6xOAHMOCTb 

ripoTOKoji, onpeAe/iJiBiuMM nopjiflOK o 6 MeHa 
MHtjJopMapneM B HHTepHere, onucbiBa/i b tom 
MMC/ie M CMcreMy aApecapnn KOMnbiOTepoB, 
o 6 beAMHeHHbix B ary Ceib. ComacHo aroii cm- 
cTOMe, Ka>KAOMy KOMObrorepy npucBanBaacfi 
yHMKaabHbiM HeTbipex 6 aMTOBbm aApec, koto- 
pbiM craan HasbiBaib IP-aApec. CraHAapr ho- 
Boro npoTOKoaa m, cooTBercTBeMHo, cucreMbi 
aApecoBaHMs 6 bmn npuHaibi b 1982 ropy. 

Oahako HeaoBeKy ropaapo npoipe aanoM- 
HMTb HexoTopoe C/10B0, H6M HCTbipe 6ecco- 
pep)KaTe/ibHbix paa Hero Hwcaa. Ha-aa aio- 
ro cpaay nocae Hanaaa pa6oTw hobom ceiM 
y noabaoBareaeM CTaaw noaBaarbca cnMCKw, 
B KOTopbix xpaHMaMCb H6 ToabKo appoca, 

HO M cooTBeiCTByioiAMe MM MMena yaaoB. 


3tm paHHbie, o 6 biHHo xpaHMBiiJMecfl B (jjaiiae 
c MMeneM hosts, noaBoaaaM npM yxaaaHMM 
MM 6 HM yaaa MTHOBenno noaynMTb ero IP- 
appec. rioawe npopecc BneceHMa Koppexiy- 
pw B 3 TM (JjaMabi 6 bia ycoBepmeHCTBOBan — 
nocaepHHaio BepcMio (^avma hosts mo>kho 
6 biao CKanaib c necKoabKMx cepBepoB c aa- 
panee onpepeaeHHbiMM appecaMM. 

C POCTOM HMCaa KOMnblOTepOB B C 6 TM 
KoppeKTMpoBaib 3 TM cfjaMabi BpyHHyK) craao 
HeB 03 M 0 )KH 0 . PloaBMaaCb Heo 6 xOpMMOCTb 
B rao 6 aabHOM 6 aae mm 6 h, noaBoaaroipeM 
npoM 3 BopMTb npeo 6 paaoBaHMe hmbh b IP- 
appeca 6 ea xpaneHMa cnMcxa cooTBeiCTBMfl 
Ha Ka>xpoM KOMHbiOTepe. Taxoii 6 aaoM cia- 
aa DNS (Domain Name System) — CMcreMa 
MMeHOBaHMa poMenoB, KOTopaa nanaaa pa- 
6 ory B 1987 ropy. 


weTbipex 


6aHTOB 


CornacHo cucieMe aApecaunn KOMnbioTe- 
poB B ceinx KaiKAoPi MaiunHe npMCBaMBaei- 
cn yHHKa.nbHbiPi MeTbipex 6 aPiTOBbiPi IP- 
aApec. Ho TO.nbKO 6 ;iaroAap 8 DNS Mbi mo- 
>KeM o 6 paiAaTboi k hum no 6 o.nee npnBbiM- 
HblM HAM MMeHAM, HAnpHMOp WWW.ichip.rU, 
www.maiLru, a He no Ha 6 opy UMctip. 
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B MeHK) nepeHHcneHbi o6'beKTbi, 

KOTopbie Ao6aBnnioTcn b asp^bo DNS 


flOMena nocjieflHnii MWKer 6 biTb nepesefleH 
B HOByio 30Hy, an 6 o ocraBaen b 30He CTOflme- 
ro H3A hum flOMena. flaa KawflOM 30hw paape- 
meHMfl Ha co3AaHne nan yAaaeHwe Bcex bxoaji- 
lAMX B Hee AOM 6 HOB AeaerwpyioTCfl OTAeabHO. 

fljlB HOpMa/IbHOii pa 6 oTbl KOpnOpaTMBHOii 
ce™ B 6 o;ibiiJMHCTBe cjiynaeB xBaiaei bamh- 
CTBeHHoii 30Hbi, 6 o;iee roro, oneHb nacTO cm- 
CTeMHbie aAMMHMCTpaTOpbl OrpaHMHMBaiOTCB 
co3AaHneM eAHHCTBeHHoro AOMena. 


» CrpyKTypa DNS 

B HHTepHere cyiAecTByer mhowbctbo DNS- 
cepsepoB, npeAocraBajHoiAMx K/iMeHTaw hb- 
o6xoAMMyK5 MHcjjopMaAMio o6 Mwenax ya;ioB 
ceTM. Ba>KHeMiiJMM KanecTBOM DNS BBJijieTCB 
nopBAOK nx pa6oTbi, no3Bo;iflioiAMii DNS- 
cepsepaw cmhxpohho o6HOB;iJiTb cbom 6a3w. 
flo6aB;ieHMe aApeca hoboto cawTa b Hnrep- 
Here npoxoAWT 3a CHMiaHHbie Hacw. 

Bropaji oco 6 eHHocTb CMCTewbi — 3 to opra- 
HM 3 aL(Mji DNS-cepaepoB b bmab kiepapxMHe- 
CKoii CTpyKTypw. HanpwMep, aanpoc or k/imbh- 
ra o 6 MMBHM ftp.microsoft.com mo>kbt npoiiTM 
HBPB3 HBCKOJlbKO DNS-CBpBBpOB, OT r/ 1 o 6 a/ 1 b- 
Horo, coAeprxaiABro MHrJropMapMK) o AOMBHax 
BBpxHBro ypoBHB (.com, .org, .not m t. n.), 

AO KOHKpBTHOrO CBpBBpa KOMnaHMM Microsoft, 
B HbMX CnnCKaX nBpB4HC/1BHbl nOAAOMBHbl 

BMAa *. m1crosoft.com, b hmc;ib Koiopbix mh m 
H axoAMM HyrKHbiM Haw ftp.m1crosoft.com. flpri 
3T0M MHO}KBCTBO DNS-CBpBBpOB OpraHM3yBTCB 
B 30Hbl, MMBKUAMB Hpasa M paSpBmBHMJl, AenB- 
rwpOBaHHblB BbllUBCTOrUAMM CBpBBpOM. TaKMM 
o6pa30M, npM Ao6aB;iBHMM HOBoro noAAOWBHa 
Ha MBCTHOM CBpBBpB yBBAOMJIBHMfl OCTaJlbHblX 
CBpBBpOB B f;io6a;ibHOM CBTM HB npOM3BOAJlT- 
CJi, HO MH(J)OpMaL(Mfl 0 HOBbIX CBpBBpaX 0Ka3bl- 

BaBTCJi AociynHOM no sanpocy. 

30Hbl, AOMSHbl M nCAAOMSHbl 

C pocTOM HMcna aombhhwx mmbh pa6ora mb>k- 
Ay CBpBBpawM 6 bma pacnpBAenBna no npwH- 
AMny BAMHOHaHannn. MAeri npocra. Ecnn opra- 

HMSaAMH BJiaAeBT Co6CTBBHHblM AOMBHHbIM 
MMBHBM (nanpwMBp microsoft.com rmH whltB- 
housB.gov), TO MMBHOBaHMB BHyrpn CBOBro ao- 
MBHa OHa npOM3BOAMT CaMOCTOBTBnbHO. Eamh- 
CTBBHHafl CnO>KHOCTb npM TaKOM pa6oTB — 
npBAOCraBnBHMB BblUJBCTOJUAMMM CBpBBpaMM 
3TMX npaB HM)KBCTOJUAMM CBpBBpaM. 

VtOHHMM TBpMMHbl. flOMBH — 3T0 HBKMM 
KOHTBMHBp, B KOTOpOM MOryT COABp>KaTbCB 
XOCTbl M APyrHB AOMBHbl. MmB AOMBHa MO)KBT 
HB coBnaAaib c mmbhbm KOHipojuiBpa AOMBHa, 
TO BCTb AOMBH — 3T0 BMpTyajibHas CTpyKTypa, 


HB npHBBsaHHan k KOMUbiOTBpy. Xoctwb, 
HanpOTMB, COOTBBTCTByBT (|)M3MHBCK0My KOM- 
nbKTTBpy, noAKmoHBHHOMy k cbtm. I/Ima xoc- 
Ta flBnjlBTCfl MMBHBM KOHKpBTHOTO KOMHblOTB- 
pa. Umb xocTa mo>kbt cosnaAaTb c mmbhbm 
AOMBH a. UmB AOMBHa MO)KBT COBnaABTb c 
MMBHBM 30Hbl, K KOTOpOM OH npMHaAnOrKMT, 

B 3T0M C/iynaB AOMBH BBnBBTCB KOpHBBbIM B 
30HB. ripM 3T0M 30Ha HB o6}i3aHa coAeprxaTb 
B Cb 6 b OAHOMMBHHbIM (xopHBBOM) AOMBH. 

3ona — 3T0 kohtbmhbp, o 6 'bBAMHjnoiAMM 
HBCKOnbKO AOMBHOB B CTpyKTypy C 061 AMMM 
paspBujBHMjiMM Ha ynpaanBHMB, to bctb 30Hbi 
BBnfHOTCJl KOHTBMHBpaMM PJ\!\ AOMBHOB M XOC- 
TOB. 30Hbl MOryT 6 wTb BnO)KBHbl OAHa B APy- 
ryio. Pa3HML(a MBWAy sohamm m aombhamm 
B TOM, HTo AOMBHy MowBT npMHaAne>KaTb HB- 
CKojibKo 30H, coAepwaiAMx paanMHHWB Bro 
nOAAOMBHbl. 3 tO AOBT BOSMOWHOCTb AfinBCM- 

poBaTb nonHOMOHMfl Ann hoaaombhob m yn- 
paB/inTb rpynnaMM hoaaombhob. 

3oHbi McnonbsyioTcn Ann AOnBrMposaHMn 
nonHOMOHMM. KarKAbiM aombh AonrxBH haxo- 
AMTbCn B COCTABB 30Hbi; OpM C03A3HMM HOA" 


HHTerpauMfi DNS 
B Active Directory 

KoMnaHMn Microsoft pBKOMBHAyeT Mcnonbao- 
BaTb DNS-CBpBBpbl B KOpnopaTMBHblX CBTnX 
Ann opraHM3apMM pa6oTw KOMnbroTBpoB b 
COCT aBB AOMBHa. flBnO B TOM, HTO TBXHOnOTMn 
DNS 6onBB yHMBBpcanbHa m 3(J)(|)BKTMBHa, 

HBM McnonbayioiAMBcn na CTapwx cmctbmax 
WINS M NBtBIOS. KnMBHTbi TonbKO nocbinaioT 
aanpocbi cBpBBpy m nonynaioT otbbtw 6b 3 
o6paiA6HMn K KAKMM-nM6o MHbIM y3nAM CBTM. 

CtOHKM apBHMn np0M3B0AMTBnbH0CTM 
nyHUJB BCBro MHTBrpMpoBaTb DNS b ActIvB 
DIrBCtory, hto bo3mo>kho na CBpBBpnwx DC 
KOMnaHMM Microsoft HAHMHan c Windows 
2000 SBrvBr. Cobmbiabhmb po/iBM DNS- 
CBpBBpa M KOHTpon/iBpa AOMBHa ynpoiAABT 
AAMMHMCTpMpOBAHMB CBTM, OCoObHHO BCnM 
paSMBpbl BB AOCTaTOHHO BBnMKM. 

Hto hom ctomt 

DNS nocTpoMTb 

DNS pBanM3yioTcn b cootbbtctbmm c bamhwm 
CTaHAapTOM, OCHOBbI KOTOpOTO M3nO)KBHbl B » 



CrpeMBTejibHoe pasBMTMe MBTepHera 

■ H. 

PacTer kqk 

HQ Apoxxax 



1995, Mionb 

1,7 MnH 

u 



1996, HHBapb 

2,4 MnH 

□ 



1996, Mionb 

3,3 MnH 

□ 



1997, HHBapb 

3,9 MnH 

a 



1997, Mionb 

4,5 MnH 

□ 



1998, HHBapb 

8,2 MnH 

1 1 



1998, Mionb 

10,3 MnH 

1 1 



1999, HHBapb 

12,1 MnH 

1 

] 


1999, Mionb 

18,7 MnH 

1 

I 


2000, (peBpanb 

24,8 MnH 

1 

I 


2000 , ceHTnOpb 

32,6 MnH 

1 


3 

2001, (peBpanb 

36,3 MnH 

1 




flaHHbie 06 ysenMHBHMM HMcna cepsepoB AOMBHa .com 3a nepMOA c 1995 no 2001 roA 
onyO/iMKOBaHbi Ha caiiTe www.ngi.org, npMHaAnerKaiAeM opraHMsapMM Center for Next 
Generation, saHMMaioLAeMcn b tom HMcne m CBnsaHHOM c IdHTepHeTOM CTaTMCTMKOM. 

Ha rpacpMKe bmaoh SKcnoHeHpMa/ibHbiM pocT HMcna caPiTOB b MHTepHeTe. 
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HACTPOMKA 

CMCTeMa MM6H flOMeHOB 



» RFC 1011, 1034 M 1035. B Windows Server 
2003 npoi;ecc pasBepTbiBaHnn n ynpaBnennfl 
DNS CAenan npome, new b npeAWAyiAnx Bep- 
cnax onepapnoHHbix cncTew, OnaroAapa wac- 
repan HacrpofiKM po/iew cepeepa. B Windows 
Server 2003 AodaBaenbi n noBwe 4)yHKAMn 
ynpaBneHMJi Active Directory, Koiopan Mower 
6biTb nHTerpnpoBana c DNS BoeAnno. 

ripn cosAannn Konipon/iepa AOMena, to 
ecTb cepBepa, ynpaanfiroiAero paOoroii Active 
Directory, Macrep npeAnaraer cosAarb n na- 
crpoMTb DNS-cepeep. flnn aroro AocraroHHo 
B nacrpoMKax OTMernrb nynKT «InstaU and 
configure the DNS server on this computer, 
and set this computer to use this DNS server 
as its preferred DNS server*. B 3 tom c/iyuae 
aanycKaerca DNS-cepeep u cosAaerca aoua, 
oAHOMMeHuafl c BamuM aombhom. 

flnn MMeuM AOMeua ayume ucnoabsoBarb 
ABa caoBa, paaAeaeuHbix tohkom (auAa my- 
domen.ru). TexHunecKu bobmowho BKaio- 
HMTb KOMnbrorepbi Bameii ceru u b aombh 
B epxuero ypoBHa, ho Microsoft He pexoMen- 
Ayer McnoabaoBarb Ana AOMena hmh, cocto- 
fligee m oAHoro caoaa, rax xax b 3 tom cay- 
Hae B03HMKaioT caowHocTM c opraHMsauMeii 
nepecbiaxM aanpocoB (forwarding) n Anna- 
MMHecKMx oOnoBaeHMM. 

HacTpoMKa DNS 

riocae nepeaanycxa CMcreMw b okhb «Manage 
Your Server* (ynpaBaeuwe cepeepoM) n ua 
naueaM «AAMMHMCTpnpoBaHMe» noaBarca ho- 
Bbie aaeMeHTbi — ccbiaxM ua KOHCoan ynpaa- 
aeHwa Active Directory (rpu mkohkm) m DNS 
(oAHa MKOHKa). OcraHOBMMca noApoOuee 
Ha KOHCoaM ynpaBaeHkia DNS-cepeepoM. 

flepeBo DNS coAepwwT chmcok DNS-cepBe- 
poB, B HameM cayaae chmcok 6yAer cocroarb ua 
oAHoro nyHKTa — mmohm naiaero cepaepa. Pac- 
xpbiB ero, Mbi yBMAMM rpM nanxM — «Forward 



Lookup Zones* (aoHbi npaworo npocMorpa), 
«Reverse Lookup Zones* (sohn odparHoro npo- 
CMorpa, nycraa nanxa) m «Event Viewer* . 

rianKa aoH npaMoro npocMorpa 6yAer 
coAepwaib abb aanwcM. 3oua, ase vim ua- 
HMHaerca c _msdcs, oTHocnrca k oprauwaa- 
AMM paOoTbi CMcreMbi (DC pacujwrJjpoBbiBa- 
erca xax Domain Controller, Kourpoaaep 
AOMena), noxa hto naM ee rporarb ne nyrx- 
Ho, rax )xe xax m nanxy _msdcs bo Bropoil 
aoHe. Bbidpaa Bropyx) aony, b cnwcxe cnpa- 
Ba MbI yBMAMM BB COABpWMMOe — CodCTBBH- 
Ho roBopa, Bce xoMnbxrrepbi, HbM MMena 
xpanarca na HameM cepeepe, 6yAyr nepe- 

HMCaeHbl MMBHHO laM. 

flodaBaeHMB hobwx xoctob 6yAer npo- 
MCxoAMTb aBTOMaiMHecxM. Bcb onepaAMOH- 
Hbie cMcreMbi Windows, naaMnaa c Windows 
2000 Professional, noAAep>KMBax)T xoppexr- 
Hoe oOnoBaenMe 6aaw DNS-cepeepa b cBoeri 
aoxaabHOM cbtm. HoBbie nyHXTw b cnncox 
MMBH XOCTOB Ha DNS-cepBepB MoryT Ao6aa- 
aaTbca m npM noMoigM caywOw «Computer 
Browser*. Spyanyx) we AoOaBaenMe hobux 
AOMBHOB M XOCTOB, paBHO xax M yABacHMe 
cyiAecTByxriAMx, npoMCxoAMT mb Menx) xoh- 
coaM «Action» Man m3 xoHTexcTHoro mbhx) 
npaBOM xaaBMmM MwmM. 

Flocae aanycxa xoHTpoaaepa mowho npM- 
CTynMTb X bbbabhmx) b aombh xaneHTcxMx Ma- 
mMH. FloBTopMM, HTO xoppexTHaa paOoTa b co- 
CTBBe AOMena BoaMowna Toabxo Aaa cMCTeM 
panra Professional, Haannaa c Windows 2000 
Professional, to ecTb b aombhb oTxawyTca pa- 
6oT3Tb xoMnbxiTepbi noA ynpaaaeHMeM one- 
paAMOHHbix CMCTeM Windows 98, Windows Me 
MaM Windows XP Home Edition. 

KorAa we bw AoOaBaaeTe b aombh xom- 
nbxiTep c ycTaHOBaeHHOM DC Windows 2000 
Professional Man Windows XP Professional, 
CMCTeMa aBTOMaTMaecxM nomaeTsanpoc DNS- 



cepBepy, a tot b cboxi oaepeAb aoObbmt ho- 
BbiM IP-aApec B cnMCox. 

B CBTM, COCTOaiABM M3 XOMnbXITepOB c 
(|)MxcMpoBaHHbiMM IP-aApBcaMM, paOoTa DNS 
npeAeabHo npocTa. OAHaxo xax OwTb, ecaM b 
B ameii cbtm IP-aApeca AoawHbi paaAaeaTbca 
AMHaMMaecxM? Tya mw cTaaxMBaeMca c onpe- 
AeaeHHbiMM caowHocTaMM, nocxoabxy b 3tom 
cayaae DNS-cepBep Aoawen oOnoBaaTb cbox) 
6aay nocToaHHo, ocHOBbiBaacb na AaHHwx, 
noayaaeMbix ot DHCP-cepaepa. 

BnpoaeM, HToObi HaCTpoMTb DNS m DHCP 
Ha coBMBCTHyx) paOoTy, ne TpeOyeTca oco6wx 
ycManii. flocTaToano oTxpwTb «Scope Opti- 
ons* B xoHCoaM ynpaBaeHMa DHCP-cepBepoM 
M yxaaaTb mmb Bamero DNS-cepeepa b napa- 
MeTpe «DNS Domain Name*. 

IP-aApec caMoro DNS-cepeepa mowbt 
6biTb AMHaMMaecxMM. B 3TOM cayaae Ana xaw- 
Aoro HOBoro xoMnbXiTepa, BbinoanaxiiAero 
cepBepHbie (jjynxAMM, nacTpoiixa ceTBBwx na- 
paMBTpoB npM ero noAxnxraenMM 6yAeT npo- 
McxoAMTb OaaroAapa DHCP-cepeepy. Taxwe 
He oOaaaTenbHo, htoOn cepeepbi DHCP m DNS 
(|)M3MaecxM HaxoAMnMCb na oahom xoMObxiTe- 
pe. Ohm 6yAyT xoppexTHo paOoTaTb, Aawe 
ecnM aanyiABHbi na paaHwx MamMHax. 

DNS-cepeep mowbt npoMSBOAMTb oaMCTxy 
CBMCxa, yAanaa m 3 Hero Aannwe o tbx xoctax, 
xoTopwe yAanenbi m3 cbtm. HTo6bi nacTpoMTb 
oaMCTxy cnMCxa xoctob, hbwmmtb xnonxy 
«Aging» («0aMCTxa») na BxaaAxe «General» b 
CB oiiCTBax aoHbi — no yMoaaanMxi yAanenne 
«npocpoaeHHbix» mmbh BwxaxiaeHO (nywno 
nocTaBMTb cooTBeTCTByxHAyx) ranoaxy). 

KpoMe Toro, TaM we yxaawBaeTca napaMBTp 
aBTOMaTMaecxoro oOnoBaenMa («Dynamic 
Updates*) — no yMoaaanMX) oh nepexaxraeH 
B «Secure Only* m paapemaeT npoMSBOAMTb 
oOnoBaeHMa Oaaw na ochobb aanpocoB Toab- 
xo OT OeaonacHbix mctohhmxob. » 
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» floAKniOHaeMcn 
K MHTepHeTy 

y HaHMHaiOmMX CMCTeWHblX aAMMHMCTpaTOpOB 
BosHMKaeT HBMaao npo6/ieM or HeKoppexTHo- 
ro o6pameHMJi c HacipoMKaMn DNS, b tom 
HMC/ ie c cooTBercTByioiAMMM HacrpoMKaMn 
Ha KOMHbioTepax no/ibaoBare/ieM. 

Bo-nepBbix, Bce aaBMcm ottoto, cTaTHHecKwe 
MBM flMHaMMHecKMe IP-aApsca wcnoAbayioTCfl 
B BameM cbth. B cAynae, bcam McnoabsyiOTCA 
CTaTHHecKwe aApeca, y6eAHTecb, hto Ha Ka)XAOM 
MaiiJMHe KoppexTHo npoHMcan ee IP-aApec, 
Macxa noACBTH m Bbi6npaeMbm no yMOAnanMX) 
DNS-cepaep. Ecam >xe xoMnbX)Tepbi noAynaxiT 
CBOM IP-aApeca AWHaMMHecxM, nocpeAciBOM 
DHCP-cepsepa, to 3tot >xe cepsep AOA>xeH yxa- 
3biBaTb M aApec DNS-cepoepa. Ymthto, hto aaa 
xoppexTHOM pa6oTbi XAM6HTOB DHCP-cepBep 

B nOACBTM AOAWBH 6blTb eAMHCTBBHHblM. 

flpyraA aaAana, B03HMxax)iAaA nepep ap- 
MMHMCTpaTopaMM, — 3TO HacTpoMxa AocTyna 
B HHTepneT nepea AoxaAbnyx) ceTb. flocTyn 
Mo>xeT 6biTb opraHM30BaH no-paanoMy, m, 
ecAM Bce xAMeHTbi noAXAX)Hax)TCfl Hepea npo- 
xcM-cepaep, nacTpawBaTb DNS aaa pa6oTw 
B HHTepneTB Heo6xoAMMocTM hbt. Apyroe 
A6AO, ecAM Bbi McnoAbayeTB IP-MacxapaAWHr 
npM noMoiAM NAT. B 3tom CAynae xAMBHTCXMe 
xoMnbK)Tepbi B BBiAeM CBTH AOAWHbi 6ypyT 
MM6Tb B03M0)XH0CTb nOAyHBTb OTBBTbl OT DNS- 
cepsepoB B HHTepneTB, hto6w noAXAX)HaTbCA 
X Be6-cepBepaM no mx IP-appecaM. 

PeaAMaoBBTb 3TO npocTo. BaM nywHo na- 
CTpoMTb nepecbiAxy aanpocoB c aamero DNS- 
cepsepa na cepaep wnTepneT-npoBaMAepa 
(Tax HaabiBaeMbiM t|)opBapAMHr). Jlynme Bcero 
opraHMaoBaTb 3 to b pea 3Tana. CnaHaAa Bam 
DNS-cepaep oTnpasAAeT aanpoc na MapmpyTM- 
aaTop, a tot yme nepecbipaeT ero npoBawpepy. 

Mo>XHO o6oMTMCb M OpHMM maTOM, BBpb 
ecAM MapmpyTwaaTop npepocTaBAABT cepBwc 




NAT AAA Bbixopa b 1/lHTepneT, to cbm DNS- 
cepBep Mo>xeT o6paipaTbCA HenocpepcTBenno 
X npoBawpepy. Opnaxo tbxom mbtoa Menee 
rpaMOTen. HanpwMep, ecAM bw noMBHAeTe 
npoBawpBpa, bbm npMpBTCA npaBMTb nacTpoii- 
XM y>XB Ha HBCXOAbXMX XOMAbXJTBpaX. KpOMB 
TOrO, nOpXAX)HBHMB X PlHTBpHBTy HBpB3 NAT 
MBHBB 6B30naCH0, HBM nBpBHanpaBABHMB aa- 
npocoB nocpBpcTBOM npoxcM-CBpBBpa. Tax>xB 
no coo6pa>XBHMAM 6B3onacHocTM hb pBxo- 
MBHpyBTCA COBMBipaTb pOAb DNS-CBpBBpa 
M MapmpyTMaaTopa na opnoM xoMnbXJTBpB, 
oco6bhho bcam oh >xb abaabtca m xohtpoa- 

ABpOM pOMBHa B BamBM CBTH. 

HacTpoiixa (JjopBappMHra npoMCxopMT 
B CBoiicTBax DNS-CBpBBpa na xohcoam ynpaB- 
ABHMA. HaWMMaBM OpaBOM XHOnXOM Ha 3HaHXB 
CBpBBpa, aaTBM «PropBrtiBS ^ ForwardBrs», rpB 
M yxaabiBBBM mma BbimBCTOAipBro aombhb mam 
HBPBHMCAABM DNS-CBpBBpbl, X XOTOpbIM 6ypBT 
o6paipaTbCA nam CBpsBp. Ha BxnapxB «Root 
Hints» HBpBHMCAAXJTCA appBCa DNS-CBpBBpOB 
CBTM (hb odAaaTBAbHO BbimBCTOAipMX). CnMCOX 
«Root Hints» mo>xbt 6biTb aanoAHBH asTOMaTM- 
HBCXM npM noMoipM MacTBpa ConfigurB DNS 
Sbtvbt M3 MBHX) «Action». 




OmndxoM abaabtca coapaHMB aoHW c mmb- 
HBM «.». B 3TOM CAynaB Ham DNS-cBpBBp nan- 

HBT CHMTaTb Cb6a XOpHBBbIM, TO BCTb BBpXHMM 
B TAo6aAbHOM pBpBBB DNS. PaayMBBTCA, HMXa- 
XMB nBpBCblAXM BbimBCTOAipMM CBpBBpaM pa- 
6oTBTb HB 6ypyT. ripM COapaHMM aOHbl, HbB MMA 
coBnapaBT c nacTbX) mmbhm y>xB cyipBCTByx)- 
ipMX 30H nOCAB TOHXM (HBnpMMBp, y HBC BCTb 
aoHa trading. officB, a mw coapaBM aoHy of- 
fiCB), BCB npMHapABrxaipMB BM aOHbl M pOMBHbl 
OXaablBaX)TCA BAOrXBHHWMM B HBB. 

Ecam y BamBTo CBpBBpa b cbomctb3x nop- 

XAXJHBHMA XAOXaAbHOM CBTM B XaHBCTBB 

DNS-CBpBBpa yxaaaH caM xohtpoaabp pomb- 
Ha, 3TO TO)XB HB oHBHb xopomo. DNS-3anpo- 
Cbl HMXOrpa HB P0A>XHbl npMXOpMTb HB CBp- 
BBp c Bro )XB appBCa — axj6om nopodHbiii 
cAynaM opHoanaHHo cBMpBTBAbCTsyBT o 
HBnpaBMAbHOCTM HacTpoBx. 

PaaodpaTbCA b CMTyapMM noMorxBT «EvBnt 
VlBWBr». B CAynaB xoppBXTHoii padoTW DNS- 
CBpBBpa B rxypnaAB poArxna noABMTbCA aa- 
HMCb 0 CTapTB CBpBBpa. Tax>xB hobhb aanncM 
6ypyT nOABAATbCA no MBPB podaBABHMA HO- 
Bbix MMBH xocTOB am6o npM pyHHOM ynpaBAB- 
HMM aOHaMM M pOMBHaMM. 

Aaa TOrO HTo6bl pBTBXTMpOBaTb HBMC- 
npaBHocTM CO cTopoHw xAMBHTa, npoipB 
BCBTO BOCnOAbaOSaTbCA XOHCOAbHOM yTMAM- 
TOM nslookup, XOTOpaA nOCTaBAABTCA BMBCTB 
C OnBpapMOHHOM CMCTBMOM. EloCAB BBOpa 
nslookup B xoManpHOM cTpoxB na sxpanB 
POAWHO nOABMTbCA MMA M IP-appBC BamBTO 
DNS-CBpBBpa, a hocab 3toto bbm 6ypBT npB- 
POCTaBABHa B03M0)XH0CTb npOTBCTMpOB3Tb 
cBpBBp nyTBM oTnpaBABHMA aanpocoB Ha 
npBodpaaoBaHMB mmbhm b IP-appBc. Hto- 
6bi yBMpBTb cnpaBxy no napaMBTpaM xo- 
MaHpbi nslookup, bbbpmtb b xoManpHOM 
CTpOXB nslookup |llBlp. 

■ ■ ■ Mropb JIoruHOB 
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MHCTA/1A$1UM$I M HACTPOMKA 

cnyn<6a DHCP 


BpeMeHHQ$i 

nponMCKa 



VcraHOBKa m a a m m h m ct p m p o b a h m e 


B onepaunoHHoPi cucieMe Windows Server 2003 pea^nsoeaHO MHOKecTBO 
pa3AHHHbix CAy>K6, npeAHasnaMeHHbix Ann ynpaeneHnn ceieBoPi nHc|Dpa- 
cipyKiypoPi. Oaha ms stmx cny>K6 — DHCP — npMcyrcTByeT b cepBepHbix 
onepapMOHHbix CMCieMax Microsoft HaMMHan c Windows NT Server 3.5. 


HCP (Dynamic Host Configuration 
Protocol) — 3TO npoTOKon nepBAann 
napaMerpoB KOHc()MrypaAm/i MamnnaM 
B ceinx TCP/IP, pa3pa6oTaHHbm pa6oHeM 
rpynnoM DHC (Dynamic Host Configuration 
Workgroup), BxoAruAeM b coctab IETF (Inter- 
net Engineering Task Force). OcHOBHwe pe/in 
cosAannn DHCP Taxne: npeAociaBMTb cncieM- 
Howy aAMMHMCTpaTopy cpeACTBo Ann Konipo- 
nn naA HacTpoMKawn cereBbix napaMerpoB, 
o6ecneHMTb KOHcfinrypaAMio cereBbix nacrpo- 
ex KOMObiOTepa 6ea ynacTmi nonbaoBarenn 
M o6ecneHMTb ynnKanbHocTb IP-aApecoB na- 
crpawBaeMbix KnnenroB. DHCP npeAocraBnjieT 
aAMMHMCTparopy xpaHM/iMiAe nacrpoeK n cep- 
BMC pacnpeAenenuB nocrosiHHbix nnn ape- 
weHHbix IP-aApecoB. Ann o6ecneHeHHji ynn- 
KanbHOCTM BblAaHHbIX IP-3ApecoB B xpaHMnM- 
lAe Mcnonbsyercn npnBsaxa k MAeHTU(|)MKaTo- 
py, yHMKanbHowy Ann xarKAoro Knnenra, co- 


CToniAeMy n3 aApeca cern n MAC-aApeca 
ycrpoiicTBa. Cxewa pa6orbi cepanca pacnpe- 
Aenennn aApecoB npocra: Knnenr sanpamu- 
Baer aApec na onpeAenennoe apemn, a cep- 
Bep 3TOT aApec BWAaer, npnnew rapanrnpyeT- 
cn, HTO TOT >xe aApec ne 6yAer BbiAan APyrowy 
Knnenry b TeneHue yKasannoro nepuoAa ape- 
Menn n npn nocneAyioiAMx aanpocax no bo 3- 
MOWHOCTM 6yABT BbiAaH TOT WB caMbiM aApec. 

B xanecTBe AononnnTenbHOM rapanTnn ynn- 
KanbHocTM BbiAaHHoro IP-aApeca n Knnenr 
M cepBep AonwHbi ero npoBepnrb bcbmm ao- 
crynHbiMM cpeACTBawn nepeA ncnonbaoBann- 
ew. Knnenr Mower npoAnnrb cpoK AenCTBnn 
IP-aApeca nnn ocBo6oAHTb ero. KpoMe IP- 
aApeca Knnenry Moryr nepeAaBarbcn n Apy- 
rne napawerphi, nanpnwep mnioa no yMonna- 
nnio M aApeca DNS-cepeepoB. BsanMocBnsb 
cepBepa n Knuenroa DHCP nocrpoena no cxe- 
MB «Bonpoc-oTBeT». » 
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WINS-cepeep 

(})aviji-cepBep 

192.168.7.5 


WINS-cepBep 

DHCP-cepBep 

192.168.7.6 


Pa 6 o'iafl 

CTaHpMH 


MapuipyTviaaTop 

192.168.7.1 



1 







Pa6oHafl 

CTaHpVtfl 


HHTepneT 



DNS-cepBep 

195.34.32.10 


PaOoHafi 
CTaHpUB 

Aflpec ceTM - 192.168.7.0/225.225.225.0 


DNS-cepBep 

195.34.32.11 


Pmc. 1 . Cxeivia THnMHHoii noKanbHoii cctm c AOCTynoM a klHTepHeT 


» flpeiiMyiMecTBa 

McnonbsosaHiiq DHCP 

ripeAnoBO}KMM, hto bw aAMUHucTpupyere ceib 
Ha 200 MamMH. M bot b oamh npeKpacHwii 
MoweHT B3M no KaKOM-To npMHMHe noTpe6o- 
B3Bocb MSMeHMTb H3 Bcex MaiBMHax aApsc 
DNS-cepBepa m/im cMeHmb K/iacc cerw m coot- 
BeTCTBeHHo MSMeHMTb MBCKy M IP-aApsc. Ec- 
m npoMSBOAHTb aaweHy BpyHHyK), TB>KeBbm 
paOoHMM ASHb 6ea nepepwBa na o6eA o6ec- 
neneH. A ecBM Kownbioiepbi CMBbHo pacnpe- 
AeBeHbi wewAy co6oii, kbk, nanpHMep, b paw- 
OHHblX CeiBX M 6oBbllJMX oc()Mcax? lAm b CeTM 
He 200 KOMnbioTepoB, a TwcBHa absctm? B ra- 
KOM cBynae npoLtecc sawenbi Mowei pacrs- 
HyTbCfl Ha oHeHb ABMTe/ibHoe BpewB. Mnas 
KapTMHa 6yAer, ecBM b BOKaBbHoii cerw npe- 
AycMOTpena cjiywOa DHCP. flocTarcHHo noMe- 
HBTb HaCTpOMKM H3 CepBepe — M Hepe3 HeKO- 
Topoe Bpewfl KBMeHTCKwe MamMHbi cawocTOfl- 
Te/ibHo noBynaT ipeOyeMue napaneipbi. 

Bot APyroM npwMep. flonycTMM, neo6xoAM- 
Mo paaBepnyTb ceib na le we caMwe 200 kom- 
nbiorepoB. Ec/im onenb 6bicrpo meBeBMTb 
MbllBKOM M HaOwpaTb AMCjjpbl, TO H3 HBCTpOMKH 
napaweTpoB TCP/IP ywAST oahb MwnyTa. Ha 
BCe MaiUMHbl nOHaAo6nTCB Tpw C nOBOBMHOM 
Haca HenpepbiBHoro BbinoBHeHMB oahothh- 
Hbix onepaAMii. H onBTb DHCP-cepBep CMBbHo 
o6/ierHMT 3Ty saAsny m c3kohommt BpewB. 

PeaimsaLiiin DHCP 

B Windows Server 2003 pa6oTocnoco6HOCTb 
npoTOKona DHCP oOecneHMsaeTcs TpeMs kom- 
noHeHTaMM. C/iywOa DHCP Server ynpaenseT 
xpaHMBMiAeM HacTpoeK m oTBenaeT na aanpo- 
Cbi KBweHTOB. CnywOa DHCP Client oTnpaBnn- 


eT aanpocbi cepeepy, npwHMMaeT napaweTpbi 
KOHtJjMrypaAMM m bhocmt nacTpoMKM b ctbk 
TCP/IP. KoHCo/ib ynpaB/ieHMfi DHCP npeAHaa- 
Hanena abb M3MeHeHHB nacTpoex DHCP-cepee- 
pa. XpaHMBMiAe nacTpoex opraHH30BaHHo b 
BMAe oOnacTeM AeriCTBMB (scopes). OOnacTb 
AewcTBHB — 3TO HenpepwBHbiii AnanasoH IP- 
aApecoB, KOTopwii saAaeTCB aApecoM ceTw 
M MacKOM, HanpMwep 192.168.7.0/255.255. 
255.0. 06biHHO 3T3 o6B3CTb coBnaAaeT c bw- 
6paHHbiM aApecHbiM npocTpancTBOM abb koh- 
KpeTHoii ceTM. B oObbctm AeiicTBMB onpeAeBB- 
eTCB AnanaaoH, KOTopwM 6yAeT AocTynen abb 
BbiAaHM KBMeHTaM (address pool), m AManaaoH 
aApecoB, KOTopbie KBMeHTaw BbiAaeaTbCB ne 
6yAyT (exclusion range). Abb KawAOM o6b3Ctm 
AeiiCTBMB 33AaK5TCB Heo6xOAMMbie HaCTpOMKM 
(options), HanpMMep aApec mBioaa no ynoB- 
HaHMK), aApeca DNS- n WINS-cepeepoB. 

YcTaHOBKa DHCP 

riepeA ycTanoBKOM nywHo onpeAeBMTbCB 
c AwanaaoHOM aApecoB, AocTynHwx abb pac- 
npeAeBeHMB mowav KBMenTaMM DHCP, m cnnc- 

KOM MCKBK)HeHMM M3 3Toro AMana30H3. B CnM- 
COK MCKBHDHeHMM nOOaAyT MaiBMHbl, H3 KOTO- 


OCHOBHblM HBAOCTaTKOM DHCP H3 A9H- 
HblM M0M6HT BBBBeTCB HM3KMM ypOBSHb 
6e3onacHOCTM caMoro npoTOKona, b koto- 
poM He npeAycMOTpena npoBepna noA- 
BMHHOCTM KBMeHTa M CepBepa. TaKMM o6- 
pa30M, 3B0yMblUjneHHMK MOWeT 


pbix IP-aApeca aobwhu nacTpaMBaTbCB Bpyn- 
Hyio M3-33 oco6eHHocTeM pa6oTaioiAMx na 
HMx CBywO. B 3Ty xaTeropMio nonaAaioT DNS- 
cepBepbi, MapmpyTMaaTopbi, cepBepw yAanen- 
Horo AocTyna m can DHCP-cepeep. AApeca 
noAo6Hbix cepBepoB MMeeT cmwcb oObbam- 
HMTb b oAHy HenpepbiBHyio rpynny, HanpM- 
Mep, B3BTb nepBbie AecBTb aApecoB Bw6paH- 
HOM oObBCTM A6MCTBMB. flBB CeTM, nOK33aH- 
HOM Ha pMC. 1, AaHHbie 6yAyT TaxMMM: 

o6BacTb AeMCTBMB — 192.168.7.0/255.255.255.0 
cnncoK MCKBioHeHMM — aApeca c 192.168.7.1 no 
192.168.7.10 (aapeaepBMpyeM AecBTb aApecoB Ha 
CBynati noBBBeHHfl AonoBHMTenbHbix cepaepoB) 

UJBI03 no yMOBHaHMK) — 192.168.7.1 
DNS-cepeepa — 195.34.32.10 m 195.34.32.11 
WINS-cepBepa — 192.168.7.5 m 192.168.7.6 

3tm AaHHbie noTpeOyei MacTep ycTanoBKM cep- 
BMCa DHCP, KOTOpbIM MOWHO 3anyCTMTb, Ao6a- 
bmb Bbi6paHHOMy cepeepy poBb DHCP c noMo- 
lAbK) Manage Your Server. IlocBe ycneuiHoro aa- 
BepujeHMB ycTaHOBKM cepeep roTOB k paOoTe. 

AAMMHMCTpiipOBaHlie 

cepsepa DHCP 

Bee aAMMHMCTpaTMBHbie 3aA3HM BbinOBHBIOTCB 
c noMoiAbio KOHCOBM ynpBBBeHMB DHCP. Koh- 
COBb n03BOBBeT aKTMBMpOBaTb/AeaaKTMBMpO- 
BBTb odnaCTb AeMCTBMB, M3MeHBTb HaCTpOMKM, 
co3A3BaTb peaepBHyK) kohmio xpauMBMiga 
DHCP, npocMaipMBaTb chmcok BWAaHHWx IP- 
aApecoB M MHoroe Apyroe. OcTanoBMMCB no- 
Apodnee na nexoTopbix MOMeniax. HtoOw 
MaweHMTb, HanpMMep, aApec cepeepa WINS, 

HywHo BbiOpaTb B KOHCOBM pasAOB «Scope 
Options®, igeBKHyTb na hbm npasoM KHonKOM m 
Bbi6paTb «Configure Options®. B noflBMBUjeMCJi 
oKHe BbidMpaeM m 3 cnMCKa ohamio «044 Wins/ 
NBNS Servers® m MenneM aApeca na Te, koto- 
pbie HaM HyWHbl (pMC. 2). EcBM HaM HyWHO, 

HTo6bl KBMeHTCKMM KOMHblOTep rapaHTMpOBaH- 
Ho noBynaB Bce BpeMB oamh m tot we aApec, 
MOWHO BOCnOBb30BaTbCfl MexaHM3MOM pesep- » 


ycTaHOBMTb B C6TM CBOM cepBep DHCP M 
nepeAasaTb KBMeHTCKMM MaiiiMHaM Hyw- 
Hbie eMy HaCTpOMKM. EAMHCTBeHHbIM cno- 
C06 6opb6bl — nOCTOBHHbIM MOHMTOpMHT 
BOKaBbHOM ceTM Ha npeAMeT HanMHMH 
B HeM Hyworo DHCP-cepBepa. 


HeAOCTOTKM DHCP 


ripo6jieMbi 6e3onacTHOCTH 
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» BupoBaHMji IP-aflpecoB (puc. 3). fl;iB aioro b 
KOH co;iM HaAo bomtm b pasfle/i «Reservations», 
3aT6M B M6HK) «Act1on» Bbi6paTb «New Reser- 
vation* M B nOBBMBmeMCfl OKHe BBeCTM MMB 
(3TO none 6yAer aaMeneno na npeAocTaBnen- 
Hoe KnneHTOM DHCP), IP-aApec, MAC-aApec 
M onncanne. CiOAa, nanpnMep, mo)kho aaneciM 
MMB nonb30BaTe/in KnnenTCKoro KOMnbioTepa 
nnn npuHnny pe3epBMpoBaHMB. CnncoK bw- 
ABHHbix aApecoB Aociynen b pa3Aene «Add- 
ress Leases*. Cnywda DHCP aBTOMarnHecKn 
apxMBMpyeT cboio 6aay Aannbix pa3 b 60 mm- 
nyr. PeaepBHas Konnn 6a3w pasMeiAaeTCB 
B nanxe WIND0WS\System32\dhcp\backup. 



Kpowe Toro, peaepBHoe KonnpoBanne mowho 
aanycTMTb BpyHnyio c Konconn ynpaB/ienuB 
DHCP, Bbi6paB nyHKT Menro «Action\Backup» 

M yKaaaB nanxy, xyAa TpeOyercn nonorKnib pe- 
aepBHyio Konnio. flocryn k kohco/im bamuhh- 
crparopa perynnpyercB rpynnaMW «DHCP 
Administrators* n «DHCP Users*. /Imub nonb- 
aoBarenn, BK/noHennwe b nepByio rpynny, mo- 
ryr wenjiTb nacTpoMKM cepBepa. 

OnMcaHMe pa6oTbi 
KjiiieHTa DHCP 

Hto6w KOMnbioTep b noKanbHow cein Mor 
B3anMOAeMCTBOBaTb c DHCP-cepBepoM, 



na HeM Hyrnno aKiMBnpoBaTb cnyrnOy DHCP 
Client. CAfiJiaTb 3 to mo>kho b nacipoMKax 
TCP/IP noKanbHoro ceieBoro coeAMHennfl c 
noMoiAbio BKnroHeHMB pewMMOB «0btain an IP 
address automatically* n «0btain DNS server 
automatically* (puc. 4). Hocne npuMeueHmi 
3TMX uacrpoeK DHCP-Knueui 6yAer axTUBupo- 
Bau, M ecnn b ceru npucyrcTByer KoppexTHO 
uacTpoeHHbiM DHCP-cepBep, Mamuna nonyuuT 
IP-aApec. flnn npoBepxu pa6oTocnoco6HocTu 
Knueuia mowho BBecru KowauAy ipconfig b 
ero KOMauAHOM cipoKe. llpoAecc npoAneHnn 

M OCBo6o)KAeHMB BAPeCA MO)KHO MHMAMUpO- 

B3Tb c noMoiAbio 3TOM }Ke KowauAbi c Kmona- 
MM /renew u /release. B peannsaAun Knnenra 
DHCP Microsoft npeAycMorpena B03M0>KH0CTb 
Mcnonb30BaHMn anbiepnaTUBHOM KOHcjrurypa- 
AMM crexa TCP/IP, xoropas axTUBupyeTcn, 
ecjiM DHCP-cepBep HeAocTynen. flapaMeipbi 
a/ibrepnaTUBHOM xoncfiurypaAmi Bbi6npax)TCfl 
c noMoiAbx) APIPA (Automatic Private IP 
Addressing). Perxnw APIPA paboraer cneAyio- 
lAMM o6pa30M: DHCP-xni/ieni Bbibnpaer cny- 
uaMHbiM aApec n3 Auanaaoua 169.254.0.0/ 
255.255.0.0 n c noMoigbX) ARP (Address 
Resolution Protocol) npoBepner, ecTb m ra- 
xoM aApec B ceru; ecnn aApec aanjiT, to bbi- 
6op ocyigecTBnfieTCfi aanoBo, ecnu cbo6o- 
Aeu — BbibpauMbiM IP-aApec u nacxa ceru 
BHOCBTCB B uacTpoMXM TCP/IP. TaxMM o6pa- 
30M, APIPA cnyrxMT uexoTopoii noAcrpaxoB- 
xoM ua c/iynaii orxaaa DHCP-cepBepa. 

SoKiiiOHeHiie 

Kax Mbi BMAHM, Microsoft npeAocraBnna cu- 
CTeMHowy aAMMHMCTpaTopy peannsaAux) 3awe- 
Hare/ibHOM cnyrxbbi, xoTopan nabaBnr ero or 
6onbiiioro xonunecTBa pyruHHOM paboTbi, C3xo- 
HOMMT BpewB M no3BonuT MsbewaTb ouiuboK, 
HTo nonorxmenbHo cxarxeTCfl ua xanecTBe pa- 
6oTbi noxanbHoii cern. ■■■ PoMaHCbipueB 
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OnepaunoHHaji cucieMa Windows Server 2003 oOnaAaei orpoMHbiMn bos- 
MOKHOCTjiMM HO HacipoMKe M ynpaB;ieHnio pas/iMMHbiMM ceieBbiMn c;iy>K- 
6aMH n cepBncaMM. Mx rpaMOiHoe Mcno/ibsoBaHMe nosBonneT SHaMme/ib- 
HoyBe;inMHTb CKopocib B3anMOAsPicTBHB Me>KAy M/ienaMn cein n noBbi- 
cnib ypoBeHb ee saiAniAeMHocin. 


0 CHOBHbieTpe6oBaHMJi, KOTopbie npept- 
BB/IJIIOTCJI nOabaOBBTeaBMH COBpeWeH- 
Hbix aoKB/ibHbix CBTeM pasauMHoro 
ypOBHB, OT He6o/1bllJMX flOMaUJHMX flO orpoM- 
HblX KOpnopaTMBHbIX, npaKTMHeCKM OAMHaKO- 
Bbi: CKOpOCTb HepBAaMM ASHHblX M B03M0)K- 
HocTb AocTyna k MHiepHeTy. VAOBaeTBopuTb 
3TM aanpocbi mowho HecKoabKHMn cnoco6aMn. 

OCHOBHbIM CpeACTBOM, CnOCo6HblM HOMOMb 
6blCTpO M 3C()4)eKTMBHO yBeaHHMTb CKOpOCTb 
nepeAaHM ASHHbix BHyipn cein, BB/iaeTCB 
c/iy>K6a Routing And Remote Access {«Mapm- 
pyTMaapnji u yAanenHwii AOCTyn»), Koropaa 
no3BonnT CBB3aTb necKO/ibKO pa3Ae/ieHHbix 


cerMeuTOB cein nan, APyrnwu caoBawn, ua- 
3HaHMTb cepBepy poab MapiapyTuaaropa. 

3ra )Ke caywda noMo>KeT npoBecru uacrpoM- 
KM, ueodxoAMMbie Aaa odecneueHua Aocryna 
Bcex HaeuoB aoKaabuon cern k MHTepHery. 

npo6neMa pocra 

Ho Mepe yBe/iMHeHMJi HMC/ia KownbiOTepoB, 
BXOflflmi/lX B COCraB tom M/IM MHOM C6TM, H6- 
M36e>KHO CHM>KaeTCfl M CpeAHflfl CKOpOCTb 
nepeABHM AaHHbix BHyTpM nee. flpeAno/io- 
}KMM, B BameM cotm HaxoAflTCfl 40 KOMnbiOTe- 
POB M OAMH CepBep, OT Ka>KAOrO KOMHblOTepa 
B KOMMyHMKaAMOHHblM ySC/l HpOTflHyT HpOBOA, » 


CHIP SPECIAL N^ll 



» M Bce 40 Ka6e/ieM noAK/iiOHeHbi k flByw kom- 
MyiaTopaw m;im KOMpeHTpaTopaM. KoMMyraro- 
pw (Bce onucaHHoe b paBHoii Mepe othocmtcb 
M K KOMpeHTpaTopaw) coeAMHeHbi Bwecre, 

B OAMH M3 HMX BK;iK)HeH OCHOBHOM CepBBp. 

B AaHHoii C6TM McnojibsyeTCB npoTOKO/i IP, 
AonycTMM, hto cepBep MMeer aApec 
192.168.1.200, a KJiMeHTbi — 192.168.1.1, 

192.168.1.2.. .. 192.168.1.40, m b 3tom c6tm 
6yA6T Mcno;ib30BaTbCji CTaHAapTHas wacKa 

255.255.255.0. 

riycTb cepBep noAKJiioHeH k KOMMyraropy 
Hepe3 lOO-MeraOnTHbiM nopr, npM 3 tom no;iy- 
HaercB, hto Bce copoK k/imbhtckmx Kounbio- 
TepoB Mcno;ib3yioT no;iocy nponycKaHMS 
100 M6 mt, m b xyAmew c/iynae (npM mbkcm- 
Ma/ibHOM Harpyaxe) KawAowy K/iMenry Aocra- 
Hercfl 100/40 = 2,5 M6 mt m;im npuMepno 300 
xOaMT B cexyHAy. Bo3mo>kho, bbm hb xBaraer 

T3KOM CKOpOCTM paOoTbl C6TM, HO H6T B03MO)K- 

HOCTM Mcno/ib30BaTb Oojiee Aoporoe o6opyAo- 
BaHMB, TO ecTb nepexoAMTb CO 100 M6 mt hb 


1 POmt. B 3TOM c/iynae mowho npocro paaAe- 

/IMTb OAMH CerWeHT C6TM, COCTOJUAMM M3 40 
KOMHbK)TepOB, H3 AB3 CerMBHTa HO 20 MBIUMH. 
fljiB 3Toro hboOxoammo ycraHOBMTb b cepBep 
Aono;iHMTe/ibHyio ceieByK) n/iaiy m, paaopeae 
coeAMHBHMe Me>KAy KOMMyiaropaMM, hoak/ho- 
HMTb MX K paSHblM CBTeBblM HJiaiaM. 



rioc;ie 3TMX M3MeHeHMM x;iMeHTbi 6yAyi mc- 
no;ib30BaTb abb Kaea/ia no 100 M6 mt kowabim, 

npM 3TOM CKOpOCTb oOneHa MH(|)OpMapMeM 

c cepeepoM yee/iMHMTCB b abb paaa. Ha (|)m- 
3MHecKOM ypoBHe npoO/iewa AeiicTBMTenbHo 
pemeHa, ho eipe ocTaerce m ypoaenb norMHe- 
CKMM — nocne loro xax ceib 6bma paaAenena » 
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Minajp Ym 3mwwr 


Phc. 3. flMa;ioroBoe okho Macrepa ao- 
6aa;ieHHn HOBoii poaH cepBepy 



» Ha flsa cerMeHTa, KJiMeHTbi b paaHwx t|)M3MHe- 
CKMx o6;iacTBx ceiM 6o;ibiije He Moryr coeAn- 
HBTbCB Apyr c ApyroM HanpsMyK), kbk 3 to 6 w- 
;iO B03M0)KH0 paHbiije. 

Me^KceresoM moct 

riepBoe, HTo MO)KHo CAe;iaTb, ncno;ib3yji 
Windows Server 2003 , htoOw BocciaHOBMTb 
npewHee cocTOBHne, 3 to BKnioHMTb moct m ra- 
KMM o6pa30M CHOBa oOteAMHMTb ABa cerMeH- 
Ta B OAMH, HO Tenepb yme na /lorwHecKOM 
ypoBHe. flnji 3Toro hboOxoammo Bbino/iHMTb 
cneAyioiAHe AeMCTBMJi. B nacTpoiiKe «Network 
Connections*, KOTopan naxoAHTcn b nanenM 
ynpaBneHMJi, oToOpawaeTCfi chmcok ycTanoB- 
neHHbix ceTeBbix MHTepcjjeiicoB. VAeprKMBaB 
KnaBMmy «Ctrl», OTMeTbTe abb noAKnioHeHMB 

M 3aTBM, Bbl3BaB KOHTBKCTHOe MBHIO M Ha)KaB 
npaByio KHonxy mwiijm, BwOepMTe pasAen 
«Bridge Connections* («HacTpoiiKa M 0 CTa»). 
riocne 3Toro npoM3oiiAeT ero cosAanwe, 

M B CHMCKe nOAK/1K)HeHMM nOBBMTCB HOBOe — 
«Network Bridge* («CeTeBOM moct») (pwc. 1). 

fla/ibHeiiiiJMe nacrpoMKH npoTOKona TCP/IP 
BbinonHjHOTCB MMeHHo Ann Hero. B KOHTeKCT- 
HOM MeHK) 3TOrO nOAKniOHeHMfl HeoOxOAMMO 
BbidpaTb pa3Aen «Properties» m b nonBWB- 
meMCfl Ana/ioroBOM oKHe b cnwcKe «This con- 
nection uses the following items* («KoMno- 
HeHTbi, Mcno/ib3yeMbie 3 tmm noAKmoHeHneM») 
nepeMTM k CBowcTBaM nyHKTa «Internet 
Protocol (TPC/IP)*. 

TaM HeoOxoAMMo BwOpaTb onAWK) «Use the 
following IP address:* («Hcno/ib30BaTb c/ie- 
AyioiAMM IP-aApec:») m b nonBMBmeMcn none 
BBecTM aApec, KOTopbiii panee wMen eAWH- 
CTBeHHbiM ceTeBOM MHTepeJreMC cepBepa. IlpM 
nepexoAB k nonio «Subnet mask:* («MacKa 
noAceTM:*) oho sanonHaeTcn aBTOMaTMnecKM. 
rioATBep)KAaeM cbom Bbi6op, narnaa «0K» 
(pMC. 2). riocne ycneiBHoro npoaeAenMn 3 tmx 
HacTpoeK cepaep craHOBMTcn noxo>K na 


oObiHHbiM KOMMyraTop. Oh 6yAeT o6pa6aTbi- 
B3Tb BxoABiAne naKOTbi cneAyioiAHM oOpaaoM. 

Ecnw naxeT npwxoAMT m 3 cerMenra A m 
npeAHaananen KOMObrorepy, naxoAniAeMycn 
B cerMeHTe A, to TaKoii naxeT ocTaeTcn b 3 tom 
ceTeBOM cerMeHTe. 

Ecnw naxeT npwxoAMT m 3 cerMeHTa A m 
npeAHaananeH xoMObxrTepy, naxoAfUAeMycn b 
cerMeHTe B, oh nepecwnaeTcn b cerMenT B. 

Ecnw M3 cerMeHTa A npnxoAMT mnpoxoBe- 
lAaTenbHbiM naxeT, oh oTnpaBnneTcn bo Bce 
cerMeHTbi xpoMe cerMeHTa A — moct nponyc- 
xaeT ujMpoxoBeiAaTenbHbie naxeTw nepea ce6n. 

OneBMAHo, hto ecnn ujMpoxoBeiAaTenbHwe 
naxeTbi cocTaBnnxrT cpaBHMTenbHo HeOonbinoM 
npoAeHT cpeAM Bcex o6pa6aTbiBaeMbix naxe- 
TOB, B xarxAOM cerMeHTe ceTM cxopocTb paOoTw 
yBenMHMBaeTcn. B MTore bu nonyHaeTe npn m 3- 
MeneHHOM cfrMaMHecxoM CTpyxType cbtm Ty >xe 
caMyxr norMHecxyx) CTpyxTypy, m npM 3 tom hbt 
HeoOxoAMMocTM BbinonHBTb xaxyx)-nM6o xoh- 
c()MrypaAMX5 npoToxona IP. 3 tb B03M0>XH0CTb 
nocTpoeHMB ceTeBoro moctb, nonBMBmancn 
B Windows Server 2003, npeACTaBnneTcn onenb 
nonesHOM b onMcaHHoii CMTyaAMM. 

H Bce-TaxM TaxoM BapwaHT nenban cHMTaTb 
MAeanbHbiM Ann nx)6bix ycnoBMM. Ho Mepe yae- 
nMHeHMn paaMepa cerMeHTOB m mx xonMnecTBa, 
lijMpoxoBeiAaTenbHbie naxerw 6yAyr cocTaa- 
nnTb Bce 6onee anaHMTenbHyx) Aonx) TpacfiMxa. 
HanpMMep, ecnn y aac OyAer 10 cerMenToa no 
50 XOMHbXJTepOB M Xa)XAblM M3 HMX OyABT HO- 
CbinaTb ujMpoxoBeiAaTenbHbiM naxer paa b ce- 
xyHAy, TO xarxAbiM m 3 500 xoMnbXJTepoB 6yA6T 
500 paa B cexyHAy nonynaTb lUMpoxoaeiAa- 
TenbHbiM naxeT m o6pa6aTbiBaTb ero. 

MapuipyriisaTop 

CxarxeM, bw 6h xorenM paaAenMTb BamM 
xoMnbxjTepbi Ha ab® IP-ceTM: 192.168.1.x 
M 192.168.2.x CO CTaHAapTHOM Ann TaxMX 
cereM Macxoii. flnn 3Toro hboOxoammo m 3- 


MeHMTb IP-aApeca xoMnbxrTepoa, oxaaaa- 
ujMxcn BO BTopoM CerMeHTe. 

BbinonHMTb 3Ty aaAany mo>xho paanbiMM 
cnoco6aMM: ycTanoBMTb HOBwe aApeca apyn- 
Hyx) MnM c noMoiAbX) cny>x6bi DHCP. KpoMe 
3Toro HeoOxoAMMo Taxrxe BwOpaTb aApec 
Ann BToporo ceTeaoro MHTep4)eMca cepaepa. 
(IlpMHeM ecnM ao 3Toro Mcnonbaoaancn 
MOCT, HeoOxoAMMo ero yAanuTb, nocne nero 
CTaneT BoaMorxHbiM aaAaaaTb napaMeTpbi mh- 
TeptjjeMCOB HeaaBMCMMo.) IlycTb 3 to 6yAeT 
aApec 192.168.2.200. 

BbinonHMB HeoOxoAMMbie nacTpoMXM, npo- 
BepbTe coeAMHeHMe xoMnbx)Tepa Cl-1 m 3 cbtm 
A c cepaepoM no IP-aApecy, Mcnonbayn Ann 
3Toro xoMaHAy ping. KoMnbx)Tepbi cbtm A mo- 
ryT oOpaiAaTbcn APyr x Apyry, b cbtm B xom- 
nbX)Tepbi Taxrxe o6paiAax5Tcn x cepaepy 
M Apyr X Apyry. CnorxHocTM BoanMxaxrT npn 
nonbiTxe xnnenTa m 3 cotm 192.168.1.0 
(nanpMMep xoMnbX)Tepa Cl-1 c aApecoM 

192.168.1.1) oOpaTMTbcn x xnnenTy b cotm 
192.168.2.0 (xoMHbXTTepy C2-1 c aApecoM 

192.168.2.1) . Ha xoMHbXJTepe Cl-1 nonynaeM 
xapTMHy, M3o6pa>xeHHyx) na pMC. 5. 3 to coo 6- 
lAeHMe roBopMT o tom, hto xoMnbX)Tep Cl-1 
He onpeAennn, xyAa oTnpaBMTb naxeT. Oh 
anaeT, xax oTnpaBMTb naxeT xoMnbxrTepaM, 
pacnonorxeHHbiM b ero cotm (192.168.1.x), 
McxoAn M3 CBoero IP-aApeca 192.168.1.1 m 
M acxM 255.255.255.0, ho ne anaeT, xax naxeT 
AonrxeH nonaAaTb b APyrne ceTM. EMy nyrxen 
xaxoM-To mnxia, coeAMHnxjiAMM ero ceTb c 
ApyrMMM. TaxMM mnxraoM b ashhom ceTM 6y- 
AeT nBnnTbcn Bam cepaep, MMeHHo oh cobam- 
HneT ceTb 192.168.1.0 m ceTb 192.168.2.0. 
rio3TOMy ero aApec m HyrxHo bboctm b none 
«Default Gateway:* («0 chobhom mnxra:*) 

B CBOMCTBax npoToxona TCP/IP cereaoro 
noAxnxrneHMn na Cl-1. 

Bce, HTO Bbi cAenanM na Cl-1, neoOxoAMMo 
noBTopMTb Ha xoMHbXTTepe C2-1, BeAb Tenepb 
OH, nonyHMB IP-naxeT c aApecoM oTnpaBMTe- 
nn (192.168.1.1), AonrxeH OTnpaBMTb otbot 
MMeHHo eMy. flnn 3Toro oh Aonrxen anaTb, 
xax ero ceTb (192.168.2.0) CBnaana c oc- » 



Phc. 5. rionbiTKa KoivinbioTepa ceiH A 
o6paTHTCfl K KOMnbioTepy cexH B 
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» TaJibHbiMM. A CBJiaana ona raxwe nepea sam 
cepsep, oT/iMHue cocraB/ijieT to/ibko aApec 
MHTepcfjeMca, noaioMy b cern 192.168.2.0 
m/iioaoM 6yA6T jiBJiJiTbCJi 192.168.2.200. 

HacrpoMB takum o6paaoM o6a KounbioTe- 
pa, Heo6xoAMMo renepb paaoOparbCfi m c cep- 
BepoM, KOTopbiii npocTo He anaeT o tom, hto 
B bi xoTMTe Mcno;ibaoBaTb ero b KanecTBe Map- 
mpyiMaaTopa. H AeMCTBHiejibHO, pj \!\ roro 
HTo6bi McnoTibaoBaTb cepBep b KanecTBe m/iio- 
aa MewAy ceijiMM, hboOxoammo aaAewcTBo- 
Baib cjiywOy MapiupyTMaapHM m yAa;ieHHoro 
AocTyna. BKJiioHMTb ee AocraTOHHo npocro 
c noMoiAbK) MacTepa HacrpoMKH cepaepa. 

B Ana/iore «Manage Your Server® («ynpaB- 
neHMe AaHHbiM cepeepoM®) BwOepme nyuKT 
«Add or remove a role® («flo6aBHTb m/im yAa- 
BMTb pojib®) (pnc. 3). Ha axpaue noBBJifleTCB 
MacTep HacipoMKM cepeepa. floc/ie ero aanyc- 
Ka HaHHercB onpeAe/ieHne napaMerpoB cere- 
BblX nOAK/IIOHeHMM. B nOBBHBlUeMCB CUMCKe 

«Server Role® Bbi6npaeM paaAen «Remote 
Access/VPN Server® («CepBep yAa/ieHHoro 
AocTyna m/im VPN-cepBep®). llpoMaoMAeT 3a- 
nycK Maciepa yciaHOBKM cepeepa wapiupyTM- 
aapMM M yAa/ieHHoro Aocryna. B cnwcKe Boa- 
MOWHbix KOH(J)MrypaL(MM BbiOnpaeM nyuKT 
«Custom configuration® («0co6an KOH(|)Mry- 
paguB®) M noc/ie aroro b oTKpbiBmeMCB oKue 
oTMeuaeM c/iy>K6y «LAN routing® {«Mapmpy- 
Tuaapnji IIBC®). Ha npeA/iorKeHue OC aanyc- 
TMTb ee oTBeuaeM yiBepAme/ibHo. Ha 3 tom 
M acTep HacipoMKM cepeepa aaKaHUMBaer 
CBOK5 pa6ory (pnc. 4). Tenepb IP-naKerw ot- 
npaBnmoTCfl ua cein 1 b ceib 2 n oOpaiHo. 

MapiupyTuaarimi IP HacTpanBaeTcn Aocra- 
TOHHo npocTo. CncreMa Windows Server 2003 
caMa CTpoMT MapmpyTbi ua ocHOBaHMM napa- 
MerpoB cyigecTByioiAMx uHTep(|)eMC0B. flpo- 
CMOTpeib ceieBbie Mapiupyibi mo>kho cneAyio- 
lAMMM cnoco6aMM. 

► HaOpaib B KOMBHAHOM CTpOKe C/IOBOCOHe- 

TaHwe route print. 




► Bbi6parb b okhb «Manage Your Server® 
nyHKT «Manage this remote access/VPN serv- 
er® («ynpaBneHue yAaneHHbiM AocrynoM rmu 
VPN-cepBepoM®).B noflBMBmeMCJi KOHconu 
ynpaBBeHMfl cnywOoM MapiupyTMaaguu Bbi6e- 
pme CBoii cepBep, aarew, «IP Routing 
Static Routes® u BbiaoBure KOHieKCTHoe 
MeHK). BbiOepme b weHK) nyuKi «Show IP 
Routing Table...® («0To6paanTb Tabnngy IP- 
MapiupyTuaapMu...®). 

Ka>KeTCji, HTO paaAe/ieHne oahom IP-ceTu 
Ha ABe aaBepmeno, ho 3to ne cobcom tbk. 
CnOWHOCTM B03HMKaK)T OpM HOOblTKe KOMHbK)- 
Tepa Cl-1 M3 ceTM A o6paTHTbCfi k KOMObiOTe- 
py B ceTM B no mmohm. 3to roBopuT o tom, hto 
KOM nbHDTep Cl-1 He MO)KeT BbinonHMTb npe- 
obpaaoBaHMe MMeHM b IP-aApec. H TyT npw- 
m/io BpeMn aaAyMaTbcn o tom, noneMy 3 to 
npeobpaaoBaHMe paboTano panbiue, kotab 
ceTb cocTojma mb oahoto cerMenTa, m noarxe, 
KorAa Mcno/ibaoBancfl moct. B cMCTeMe 
Windows npeo6paaoBaHMe mmbh Bbino/iHs- 
eTCB c noMoiAbK) Asyx MexaHMSMOB: DNS 
M NetBIOS. EcnM bbi panee ne HacTpauBanM 
DNS, B BameM cbtm paboTano npeobpaaoBa- 
HMe MMBH Hepea NetBIOS. Oho npoMcxoAMno 
cneAyioiAMM obpaaoM — KOMObioTep, wenaio- 
lAMM npeobpaaoBaTb mms C2-1 b IP-aApec, 
nocbi/ia/i lUMpoKOBeiAaTenbHbiM aanpoc bcbm: 
«KaKoii KOMnbK)Tep mmobt mmji C2-1?® Kom- 
nbioTep c TaKMM MMeneM nocwnan otbot m co- 
obigan b hbm cbom IP-aApec. IloKa cerMeHT 
bbm OAMH v\m McnojibaoBancn moct, mupoKO- 
BeigaTe/ibHbie naxeTbi npMxoAnnn ko bcbm 
KOM nbHDTepaM ceTM, no3TOMy npeobpaaoBa- 
HMe MMeH NetBIOS paboTa/io. Tenepb we, 
KOTAa Bbi nocTpoMJiM ABe paanMHHbie IP-ceTM, 
lUMpoKOBeiAaTe/ibHbiM naxeT, noc/iaHHUM b ce- 
TM A, ocTaeTCfl b neii: KOMnbioTepbi b APyroii 
ceTM ero He nonynaiOT, Tenepb tbkmm cnoco- 
boM MX MMeHa He MoryT bwTb npeobpaaoBanbi 
B IP-aApeca. Ecnn bw McnoribayeTe KJiMeHT- 



CKMe KOMnbiOTepbi c CMCTeMaMM Windows 95, 

TO A/ie pemeHMfl BoaHMKiueM npobneMw mow- 
Ho BxmoHMTb HB cepBope cnywby WINS, koto- 
pan byAeT cobMpaTb MMena m aApeca KOMnbio- 
TepoB, paboTaioiAMx b KawAOM m 3 ceTeii m 
B bino/iHBTb npeobpaaoBaHMe mmbh b IP-aApe- 
ca no aanpocy xnMeHTOB. flnn coBpeMeHHwx 
K/ 1 MeHTCKMX OnepaUMOHHbIX CMCTBM peKOMBH- 

AyeTCB McnojibaoBaTb CMCTeMy npeobpaaosa- 

HMJI MMBH DNS. BbinOJIHMB M 3 TM HaCTpOMKM, 

Bbi nonyHM/iM ceTb opraHMaapMM, cocTomAyio 
M 3 AByX paa/IMHHbIX IP-CeTBM, B KOTOpOM Bce 
K/iMeHTbi MoryT obpamaTbCJi k cepBepy m APyr 
K APyry no IP-aApecaM m MMenaM. 

YAaneHHbiM Aocryn 

Tenepb npMumo BpeMsi noAyMaTb o noAK/uone- 
HMM 3 TOM ceTM K PlHTepHeTy. flnji 3 Toro noHa- 
AobMTCB ycTBHOBMTb HBoOxoAMMoe obopyAO- 
BaHMe: moabm, ISDN m^m DSL. 

flanee byAeT paccMOTpeno noAxniOHeHMe 
c noMoigbio MOAeMa, ho Bce onMcannoe b 
paBHoii Mepe othocmtca m k APyroMy obopy- 
A 0 B 3 HMI 0 , paboTaioiAeMy no npoTOKOBy PPP 
(nanpMMep ISDN). EcnM we McnonbayeTcn 
Ethernet-MHTepc()eMC, to, c tohkm apeHMji 
Windows, 3 to byABT Taxan we ceTeBan nnaTa, 
xax M ocTanbHbie, no 3 TOMy nacTpoMxy yAa- 
neHHoro AocTyna BbinonneTb He TpebyeTcn 
M Bbi MoweTe nepeMTM cpaay x c/ieAyx)LAeMy 
paaAB/iy «ripoToxon NAT®. 

ycTBHOBMTe moabm h 3 BaiueM cepBepe. 
HacTpoMxy noAxnxrneHMji c noMoiAbX) MacTe- 
pa BbinonHJiTb He nywHO. rioAX/ix)HeHMe x 
HHTepneTy bw npoBeASTe, BocnojibaoBaB- 
UJMCb B 03 M 0 WH 0 CTJIMM CMCTeMHOM Cnywbbi 

«Routing and Remote Access®. 

riOMMMO TOrO HTO 3 T 3 CJiywba MOWeT Map- 
mpyTM 3 MpoBaTb naxeTbi MewAy paaHWMM cer- 
MBHTaMM ceTM, OH 3 TBXWB MOWBT BbinO/IHeTb 
noAXJiHDHeHMe no TpeboeaHMX) x ApyrMM ce- 
T 5 IM (b tom HMcne M X RlHTepHeTy). 3 to oana- » 
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» Haer, hto cjiy>K6a 6yfler ycTaHaBanBaib aa- 
flaHHoe coeAMHeHne no wepe Heo6xoflHMo- 
CTM (no aanpocy samnx KnuenTOB). Kpowe 
3Toro, ecnn coeAMHenne b TeneHne onpeAe- 
aennoro Bpewenn ne ncnonbayeTca, oho Mo- 
wer 6biTb paaopBaHo. 

BbinonHMTe HacrpofiKy MHreptJjeMca noA- 
KniOHeHMfi K MHiepHery no rpe 6 oBaHmo cne- 
AyioiAMM o 6 paaoM. B KOHConw ynpaBaenmi 
cny>K 6 oii MapiapyrMaaLiMM MaMeHMie CBoiicTBa 
Bamero cepaepa. flan aroro na BxaaAKe 
«General» ycraHOBMTe nepeKaionareab b no- 
ao)KeHMe«LAN and Demand-dial routing*. 

B oTBer Ha npeA^owenne nepeaanycTMTb 
cepBep oTBeibre yiBepAMreabHo. OGparMre 
BHMWaHMe, HTO B CHMCKe AOCTyHHblX MOAyaBM 

cepaepa MapiapyrMaagHM nonaMaMCb raxwe 
«Ports». ripocMorpHTe mx CBoiicTBa. Bw6e- 
pwre B noflBMBmeMCJi cnMCKe ycraHOBaen- 
Hbiii MOAew M HawMMre KHonxy «Configure» 
(pMC. 6). yHMTblBaa TO, HTO Bbl XOTMTe MCHOab- 
aoBaTb MOAeM Ana ycraHoaneHMa awaoBa 
no Tpe6oaaHMio, oTpaanre aro b nacrpoMKax 
(pMC. 7). OcTanocb ToabKo onpeAeaMTb coot- 
BercTByioiAMM MHTep(|)eMC no TpedoaaHMK) — 

B KOHTeKCTHOM MeHK) «Network Interfaces* 
Bbi6epMTe nyHKT «New Demand-dial 
Interface...* (pwc. 8). C noMoiAbro Macrepa 
coaAaHMB MHTep4)eMca onpeAeawre neoGxoAw- 
Mbie napaMerpbi noAxaiOHeHMa k npoBawAepy, 
TaKMe KaK HaaBanne MHTeprJreMca, rwn noAxaio- 
HeHMfl, McnoabayeMbiM aAanrep n HOMepa reae- 
(JroHOB Bamero nHTepneT-npoBaMAepa. 

flpoBepbre McnoabayeMwe napaMerpbi 
6eaonacHocTM (BoaMowHo, bbm npHAerca 
McnoabaoaaTb HeaamMtjrpoBaHHbiM napoab 
Aaa noAKaioHeHMa k Ce™). 

Ha caeAyioiAeM axpane naM hboGxoammo 
onpeAeaMTb Macxy cerw, oGcaywMaaeMOM 
BamMM MHTep(|)eMCOM. 3areM aaAaiOTca mmh 
M napoab noabaoBareafl, Koropwe AoawHw 
6biTb Haananenbi npoBaMAepoM. Ha aroM pa6o- 



ra Macrepa nacrpoMKH MHTep4)eMca Bbiaosa 
no Tpe6oBaHMK) aaKaHHHBaerca. 

Tenepb, xax ToabKo bw o6paTHTecb c cep- 
Bepa K BHemneMy (naxoAniAeMyca aa npeAe- 
aaMM BamMx Asyx cereii) yaay, cayw6a 6yAer 
ycranaBaMBaTb coeAMnenMe c HnrepHeTOM 
aBTOMaTMHecKM. Bbl CMowere, naxoAacb 
Ha cepaepe, paGorarb b HnTepHere, ho Bamn 
KaneHTbi no-npewneMy He MMeioT raxoM Boa- 
MowHocTM. flpewAe hbm McnpaanTb aro no- 
aoweHMe, neoGxoAMMo onpeAeaMTb, kbkmm 
o6paaoM bw noAKatoHaerecb k l/lHTepHery. 
floayHMaM nv\ bh oamh MaM HecKoabKO pe- 
aabHbix IP-aApecoB MaM we noAxaiOHaeTecb 
no dial-up, npM aroM IP-aApec Bcero oamh, 

M OH AMHaMMHecKM MaMeHaeTCB OT noA- 
KaioHeHMfl K noAKaiOHeHMio. 

B caynae, ecan npoBauAep BbiAeana ne- 
CKoabKo IP-aApecoB (no HMcay ycranoBaen- 
Hbix KOMHbiOTepoB) M Bbl pemMaM MCHOabaO- 
Barb Aaa MamMH b CBoeii cern peaabHwe 
IP-aApeca, hboGxoammo MaMeHMTb aornne- 
CKyio crpyKTypy CBoeri cotm. Haananbre 
KawAOMy KOMnbioTepy aApec Ma BbiAannoro 
AManaaoHa m nacrpoMTe MapmpyrMaaAMio — 
ycTanoBKa AonoaHMTeabHwx KOMnoneHTOB 
Ha cepaep ne noTpeGyerca. 

flpoTOKon NAT 

EcaM we IP-aApecoB noayneHo MeHbme, neM 
KOMObiorepoB b ceTM, bw ne CMowere BWAarb 
KawAOMy flK peaabHbiM IP-aApec. Bobmowho, 
Aaa HeKOTopbix nporpaMM aro aBaaerca ce- 
pbeaHbiM orpaHMHeHMeM, ho Bce-raxM 6oab- 
mMHCTBo nporpaMM paGoraior ne na ypoBHe 
IP, a Bbime — c nporoKoaaMM TCP/UDP. 

B arMx npoTOKoaax noMMMo HOMepa KOMnbio- 
repa (IP-aApeca) onpeAeaen raxwe HOMep 
nopra ( 16 - 6 MTHoe HMcao, CBaaannoe b kom- 
nbiorepe c onpeAeaeHHWM ceresbiM npnao- 
weHMeM). flaxeT, KOTopbiii ornpaBaaerca 
OAHMM cereBbiM npMaoweHMeM APyroMy, 


noMMMo aApecoB oTnpaBMTeaa/noaynareaa 
coAepwMT raxwe m mx nopTw. 

flpoTOKoa NAT (Network Address Trans- 
lation), peaaMaoBaHHbiM b cayw6e Mapmpy- 
TMaariMM Windows Server 2003 noaBoaaer 
«caKOHOMMTb» HB IP-BApscax, yHMTbIBaa nop- 
Tbi nepeABBaeMbix naxeroB. KawAtm naxer, 
xoTopwM ornpaBaaerca mb BHyTpeHHeii cerM 
BO BHemHxrx), noABepraerca o6pa6orxe. NAT- 
npeoOpaaoBareab aanocMT aApec/nopr xom- 
nbxarepa/npMaoweHMa, ornpaBMBmero naxer, 

B CBOX) raOaMAy (nanpMMep 192.168.1.1: 

8019). KpoMe aroro oh BbiGnpaer cbom cbo- 
6oAHbiM nopr (nanpMMep 8139 ) m raxwe aa- 
noMMHaer ero b radaMpe. 3areM oh aaMenaer 
aApec ornpaBMTeaa (mb BHyapenneM cerM 
192.168.1.1) CBOMM peaabHbiM aApecoM (na- 
npMMep 1.0. 0.1) M nopr ornpaBMreaa (8019) 
Bbi6paHHbiM (8139). KoTAa BwawBaeMbiM xaM- 
eHTOM yaea HHrepnera BOBapaipaer oraer, oh 
BoaEpaipaer ero no BHemneMy aApecy cepee- 
pa (1.0.0.1:8139). NAT-npeo6paaoBareab 
HaMAer b ra6aMAe aanMCb, CBaaaHHyx) c ash- 
HbiM noproM (8139), m nepemaer naxer xom- 
nbX)Tepy/nopry, yxaaaHHOMy b btom aanncM 
(192.168.1.1:8019). TaxMM o6paaoM, c tohxm 
apeHMa xaMenra, Bce BwraaAMr npoapanno, 
ero npMaoweHMa paGoraxar rax, xax ohm pa- 
6oraaM 6w c peaabHWM IP-aApecoM. 

flOMMMO TOrO HTO MOWHO o6eCneHMTb Bbl- 
xoA B klHTepHer necxoabXMM xoMnbxrrepaM, 
Mcnoabaya Bcero oamh peaabHbiM IP-aApec, 

Bbl raxwe noayHaere AonoaHMreabHyx) cre- 
neHb aaiAMTbi. AApeca xoMnbxrrepoB Bameri 
BHyrpeHHeii cerM ocraxrrca BHyrpM — noxa 
paOoraer NAT-npeo6paaoBaHMe, noAxaxr- 
HMTbCa X HMM MB BHemHeM CeTM HeBOBMOWHO. 

flpoToxoa NAT npeBpaipaer sam cepsep b 
6paHAMayap MaM MewceresoM axpan. Tenepb 
cepaep paaAeaaer cerM, npM aroM Windows 
Server 2003 He nponycTMT nepea ce6a naxerw, 
npeAHaBHaneHHbie xoMnbxrrepaM bo BHyrpeH- 
HeM ceTM. 1/lHOTAa Bce we BoaHMxaer Heo6xo- 
AMMOCTb OTXpbITb AOCTyn X HeXOTOpbIM npM- » 
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» jioxteHMjiM (nopraM) b Bameii BHyipeHnefi 
ceTM. HanpuMep, bbi aaxoTMie ony6/inKOBaTb 
Be6-cepBep, pa6oTaiomMii na KownbiOTepe 
BO BHyrpeHHeM cbtm. flaji aioro bw Moxere 
onpeABJinTb cTaiMHecKoe npeo6pa30BaHne — 
3aA3Tb, HTo o6paiAeHMfi K onpeAe/ieHHOMy 
nopry (nanpuMep 80-ii nopr — Be6-cepBep) 
Ao;i)KHbi HanpaB/iJiTbCfl k KOMObiOTepy, pacno- 
;io}KeHHOMy bo BHyrpeHHeii cern (nanpuMep 
c aApecoM 192.168.1.1). 

HacrpoMTb nporoKoa NAT AoCTaroHHO npo- 
CTo. Ec;im Bbi o6paTMTe BHuwaHne, b cnucKe 
MOAy/ieM IP-MapmpyTM3aLiMM y>Ke npucyrcTBy- 
er npoTOKo/1 NAT/Basic Firewall. 

Bbl30BMTe KOHieKCTHOe M6HI0 3Toro npOTO- 
Kona M Bbi6epnTe «New Interface* (puc. 9). 

Bbi6epnTe MHTepc()eMC «Internal», b cbom- 
CTBax NAT yciaHOBMTe napaMeipu «Public in- 
terface connected to the Internet*, «Enable 
NAT on this interface*, «Enable a basic fire- 
wall on this interface*. Ec/im npoBawAep 
BbiAa/1 Baw necKonbKo craTMHecKnx aApecoB, 
3aAawTe nx na BK/iaAKe «Address Pool*, 

KpoMe 3Toro Bbi MorKere HasHannTb nepena- 
npaB/ienne naxeTOB, npeAHaananeHHbix on- 
peAe/ieHHbiM npnnorKenmiM, paboraioiAMM 
BO BHyipenneM cern, na BxnaAKe «Services 
and Ports*. Ha BxnaAKe «ICMP» bw Moweie 
3aA3Tb, byAernn Bam cepaep nepeAaBaib 
ynpaBnnioiAMe n recTnpyioiAMe coobiAennn 
npoTOKona IP. floc/ie 3ioro noATBepAme 
CBoii Bbi6op, HawaB KHonxy «0K». 

3areM Ao^aBbie BHyipennne nHTepiJieiicbi 
M oTMeTbie MX K3K «Pn'vate interface con- 
nected to private network* (puc. 10). 

flanee HeobxoAUMo raxiHe HacrpoMib k/im- 
eHTOB Ha Mcnonb30BaHMe DNS. 3 to mowho 
CA enaib, 3aAaB aApec, yKaaaHHbm npoBaMAS- 
poM Ha KawAOM m 3 KownbiorepoB b none 
«DNS server*. Moikho McnonbaoBaib cnyinby 
DNS-cepeep, BXOAruAyio b cocraB onepapMOH- 
Hoii CMCTBMbi Windows Server 2003. flnn 
3Toro ycTBHOBMTe ee, Bocno/ib30BaBmMCb wac- 
repoM ynpaB/ieHMn Bamnw cepeepoM. Bw6e- 
pMie nyHKT «Add or remove a role*. B cnMcxe 
«Server Role* na 3 tot paa BbibepMre «DNS 
server* (pnc. 11). florKAMiecb oKOHnanMn 
HacrpoMKM KownoHeHTOB Windows (bo3mo>k- 
Ho, Baw noHaAobMTCfi BcraBMTb ycranoBOH- 
HbiM KownaKT-AMCK Windows Server 2003). 
flo oKOHHaHMM ycTaHOBKM 6yAei sanyipeH 
Maciep HacipoMKM DNS-cepeepa (pnc. 12). 
HacrpoMKy cepeepa DNS bh npoBeAeie Bpyn- 
Hyio. B AManoroBOM okhb «Manage Your Ser- 
ver* BbiOepMTe ccbmKy «Manage this DNS 
server*. Ha axpane nosiBnjieTCJi KOHconb 



ynpaBBeHMji Bamnw DNS-cepeepoM. Bw3o- 
BMie Ha 3Kpan Ananor onpeAsneHMsi cbomctb 
cepBepa. Ha ero BK/iaAKe «Forvarders» yKa- 
>KMTe aApec DNS-cepeepa Bamero npoBaiiAe- 
pa (pMC. 13). BbinonHMB HacrpoMKy cep- 
Bepa, yciaHOBMTe ero aApec b none «DNS 
server* b napaneipax npoioKona TCP/IP 
Ka/KAoro ceieBoro K/iMenia. 

PesynbTaTbi pa6oTbi 

B MTore Bbi no/iyHM/iM paboiaioiAyio IP-ceib, 
cocTOJUAyio M3 HecKo/ibKMx 4)M3MHecKMx cer- 
MBHIOB, B KOTOpOM Ka/KAbIM K/IMBHI MO/KBI 


Bbi MO/Keie npoAo/i>KMTb pasBMiMe BameM 
ceiM, ec/iM BHeAPMie b hsm HTTP-npoKCM- 
cepBep. y BameM ceroAHnmHeM ceiM ecib 
onpeAeneHHbie HeAociaiKM. Bo-nepBbix, 
ecjiM OAMH nonb30Baie/ib oOpaiAaeicH 
B klHiepHei 3a cipaHMipeM www.ipad- 
dress.org, a nepea HecKO/ibKO MMHyr 
3a HeM oOpaTMTCH APyroM no/ibaoBaienb, 
TO ero KOMHbioTep OyAOT CHOBa yciaHaB- 
nMBaib coeAMHeHMe c cooTBeicTByioLAMM 
Be6-y3/i0M M 3arpy>KaTb 3iy cipaHMipy. 

B peaynbiaie Bbi OyAeie onnaHMBaib mho- 
roKpaTHyio aarpyoKy oahmx m lex >Ke ash- 
HblX, a BMeCTe C 3TMM CHM3MTCH CKOpOCTb 
McnonbaoBaHMH klHTepHeia APycMMM nonb- 
aoBaienriMM. Bo-BTopbix, Bbi He Mo/Keie 
fmOko orpaHMHMBaib noceipeHMe BamMMM 
nonbaoBaienriMM caMTOB coMHMie/ibHoro 
coAep>KaHMH. flpoOneMbi 3 tm Henban pe- 
rn MTb Mcnonbayn TO/ibKO npoTOKon NAT, 

T3K K3K OH paOoTaeT Ha ypoBHe TCP m 
UDR a B3M Hy>KH0 onepMpoBaib c noHS- 
TMHMM «Be6-CTpaHMi4a» M «Be6-cepBep>i. 

A OHM cymecTByioT Ha ypoBHe HTTP. 3tm 



oOpaiAaibCfl k cepsepy, coceAHMM KOMnbioTe- 
paM M K cepBepaM b ceiM HHiepHei. flan 3 to- 
ro BBM noHaAo6M/iocb to/ibko ohbiHHoe ceie- 
Boe obopyAOBaHMe: neAoporMe ceieBbie 
nnaibi, KOMMyiaTopbi/KOHAenTpaTopbi, moabm 
M/1M ISDN/DSL M Bcero oamh cepBep, pa6oia- 
loiAMM noA ynpaBneHMeM Windows Server 
2003. VAObHblM MHTyMTMBHO BOHSTHblM MHTep- 
(JieMC paa/iMHHbix waciepoB Windows Server 
2003, npeAOCTaBnneT CMCieMHOMy sawmbm- 
cipaiopy 3(|)4)eKTMBHbiM MexaHM3M p,m pa3- 
BepibiBaHMJi ceiM m ynpaB/ieHMn ohteAMHbiMM 
KOMHblOTepaMM. ■ ■ ■ AjieKCaHAP JIaXMH 


npoO/ieMbi noMO>KeT pemMTb KamMpyioiAMM 
HTTP-npoKCM-cepBep. B cociaB Windows 
Server 2003 He bxoamt BcipoeHHbiM 
HTTP-npoKCM-cepBep, ho mo>kho Mcnonb- 
aoBaib Aono/iHMTe/ibHbie nporpaMM- 
Hbie npoAyKTbi: Internet Security and 
Acceleration server ot Microsoft (www.mi- 
crosoft.com/ISAServer/) m^m Winroute 
Firewall, npMmeAmMM Ha aaivieHy WinGate 
OT KOMnaHMM DeerField (www.deerfield. 
com/products/winroute-firewall/). Ec/im 
Bbi pemMTe Mcno/ibaoBaib oamh m3 mho- 
>KecTBa AOCTyuHbix KamMpyioLAMX HTTP- 
npoKCM-cepsepoB, oh OyAei aaHOCMTb aa- 
rpy/KeHHbie m 3 klHTepHeia BeO-cipaHMUbi 
B COOCTBeHHbIM KSm. FlpM HOBTOpHOM 
OOpameHMM K/lMeHTOB K TOM >Ke CTpaHM- 
L(aM OH BbiAacT MX M3 CBoeco Kama, hto 
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ynpas;ieHHe poanMM w2k3 ocyu(e- 
CTBaneTcn yAo6HO h npocTO 


» ;io}KeHMe, TO He 6ecnoKOMTecb. OiKpoMre 
CTaproBoe Menro, Bbi6epnTe b hbm «Admini- 
strative TooLs», noc;ie nero b BbinaBmeM m6hk 5 
Bbidepme «Manage Your Server*. 

riocne BbiSopa nyuKia «Add or remove a 
roLe» («flo6aBMTb m/im yflariHTb ponb») CHanana 
noBBHTCfl OKHO flMarHocTHKM ceieBbix coeAHHe- 
m\A M npoBepKM uacrpoeK MweiomMxcn cnyrKd. 

Sarew mo)kho Bbidpaib, Kaxyio MweMHo 
po/ib HeodxoAMMO AodaBMTb. ripM 3TOM Ann 
Ka>KAOM poBM noKaabiBaercfi xparKoe onnca- 
Hwe M AaercB ccbi/iKa na pasAen homoiam, 

B KOTOpOM rOBOpMTCJi o6 OCo6eHHOCTBX HB- 
CTpOMKM TOM MJIM MHOM C/iy)K6bl, BK/HOHaJi 
Bonpocbi odecneneHMJi deaonacHocTM. 

B AaribHeiimeM Ann AodaBneuMn hobom 
ponM m;im HacTpoMKM yme padoTaioiAMx 
cny>K6 Mbi 6yA6T McnonbsoBaTb npMnowe- 
HMe Manage Your Server. 

Be6-cepsep 

CBOMMI1 pyKaMM 

McnonbsoBaHMe npoAyKTOB nuHenKM Windows 
Server 2000/2003 b KanecTBe Be6-cepBepoB 
flBnneTCfl Becbwa pacnpocTpaHeHHOM npaxTu- 
Koii. MHoruM no OonbiuoMy CHery Aarxe He 
HyrKHbi ApyrMe bo3mo>khoctm w2k3, raKue 
K3K, CKaweM, cepBep npMnoweHMM unn koh- 
Tponnep Aowena Active Directory. Ho 3 tom 
npMHMHe Microsoft Aa>Ke BbinycTM/ia OTAenb- 
HbiM BapnaHT cepBepHOM onepapMOHHOM 
CMCTBMbi w2k3 — Web Server Edition. ilpM 
Mcnonb30BaHMM 3Toro BapnaHTa MHornw 3aKo- 
HOnOC/iyiUHblM CMCTBMHblM aAMMHMCTpaTOpaM 
He npMAeTCfi nepennaHMBaTb aa nonnocfiyHK- 
UMOHanbHyio aepcMio w2k3, bo3mo>khoctm 
KOTO pOM OHM BCe paBHO HOnHOCTbK) He 
McnonbayiOT. 

Macrep ho see pyKM 

Internet Information Services (IIS) 6.0 nenn- 
eTCfl nO/IHOpeHHblM MHOrOC()yHKHMOHanbHblM 



riepeA HacTpoMKoii pomi npoHSBOAHT- 
cn A^arHOCTHKa ceieBbix coeAHHeHHM 


cepBepoM. Oh 6bin b anaHMTenbHOM creneHM 
onTMMM3MpoBaH Ann BbinonnenMn Be6-npM/io- 
weHMM, paOoTbi enywO b MaonnpoBaHHbix epe- 
Aax, Ann yBenMuenun nponycKHOM cnoco6no- 
CTM M o6ecneHeHMn MaciuTaOMpyeMocTM npM 
Mcnonb30BaHMM na MHoronpopeccopHbix 
nnaT(|)opMax. IIS wo>KeT MaonMpoaaTb oTAenb- 
Hoe Be6-npMBO)KeHMe m^m necKonbKo camtob 
B paMKax oAHoro npopecca, BaaMMOAefiCTBy- 
lomero HenocpeACTBeHHo c nApoM OC. Takom 
noAxoA He no3BOjineT OAHOwy npM/io>KeHMio 
MBM caMTy HapyiuMTb pa6oTy ApyrMx Be6- 
cny>K6 MnM npM/ioweHMM na cepeepe. 

Kpowe Toro, IIS npeAocTaB/meT bo3mo>k- 
HOCTM MOHMTopMHra cocTOBHMH, 6naroA3pn 

HeMy MO)KHO nOKanM30B3Tb, AMarHOCTMpOBaTb 
M npeAOTBpaigaTb napyrnenMn paOoTbi Be6- 
npMno)KeHMn. 

flnn noBbimeHMn ypoBHn OeaonacHocTM, 
nBnnroiAeMcn BawHbiM acnexTOM HopManbHoii 
paOoTbi nio6oro Be6-cepBepa, IIS 6.0 npeAy- 
CMaTpMBaeT 3H3HMTenbHoe KonMHecTBo npe- 

BeHTMBHblX Mep, KOTOpbie AOn)KHbl 3aiAMTMTb 
Be6-cepBep ot MHornecTBa pacnpocTpanen- 
HblX TMBOB aT3K. 

ripM noMoiAM IIS Manager, crienapMeB aA- 
MMHMCTpMpoBaHMn M^M HenocpeACTBeHHoro 
peAaKTMpoBaHMn KOHtJjMrypapMOHHoro 
IIS, xpaHJUAerocn b (JjopnaTe XML, mowho 
c nerKocTbK) nacTpoMTb IIS Ann pemenun 
KOHKpeTHbix 33AaH M BbinonHeHMH TpeOye- 
Mbix cnenapMeB. 

YlMeHMq M HOBblKM IIS 

W2k3 BMecTe c IIS 6.0 npeAcraannea naAew- 
HyK) nnaTcJjopMy, OnaroAapn KOTopoM bo3mo>k- 
Ho cneAyKTigee: 

► C03AaBaTb MaciuTaOMpyeMbie cepaepnwe 
KOHc()MrypanMM, oTBenaiomMe coBpeweHHbiM 
Tpe6oB3HMnM; 

► pa3pa6aTbiB3Tb neTpMBMa/ibHbie Be6- 
npMno)KeHMn; 
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► ny6nMKOB3Tb MH(|)opMai4Mio BnoKanbHbix 
ceTnx M klHTepneTe; 

► nonynaTb Aocryn k Oaaaw AaHHbix, neo6xo- 
AMMbiM Ann cosAaHMn cpeAbi, opMeHTMpoBan- 
HOM Ha AaHHbie; 

► pa3pa6aTbiB3Tb Be6-caiiTbi, ot nepconanb- 
HOM cTpaHMpbi AO nonHOMaciuTaOHoro ae6- 
cepBepa npeAnpMJiTMn. 

YCTOHOBKa IIS 

flnn Toro htoOw ycTanoBMTb IIS m oTAenbHwe 
ero KOMnOHBHTbl, MO>KHO B0Cn0nb30B3TbCn 

ann/ieTOM «Add or Remove Programs* 
(«ycTaHOBKa M yAaneHMe nporpawM*) nane- 
J1M ynpaBneHMn. B nepenne ycTanaBnMBae- 
MblX KOWnOHeHTOB WiodoWS KOMnOHeHTbl IIS 
BbiOnpaioTcn b cnMcxe «Application Server* 
(«CepBep npMnoweHMM*). C ApyroM cTopo- 
Hbi, MO)KHo Bocnonb30B3Tbcn M npMno)KeHM- 
ew Manage Your Server. 

0co6oe BHMMaHMe cneAyer oOpaTMTb na 
AononHMTenbHbie KOMnoHeuTbi cepBMca World 
Wide Web («AppLication Server Details ^ 
Internet Information Service Details ^ 

World Wide Web Service ^ Details*), raxMe 
K3K Active Server Pages m Remote Admini- 
stration (HTML), KOTopbie b AanbueMinew mo- 
ryT Mcnonb30BaTbcn Ann pa6oTW m yAaneuHOM 
HacTpoMKM cepBepa. 

CraHAapTHbie KaranorM 

ripM ycT3HOBKe IIS Mcno/ib3yeT cneAyioigMe 
KaranorM: 

► \Inetpub 

► \%SystemRoot%\Help\iisHelp 

► \%Syste m Root%\syste m 3 2\i n etsrv 
HsMeHMTb nonoweHMe 3 tmx xaranoroB nenb- 
3n, xoTn BO BpeMn ycraHOBKM mo>kho c no- 
MOiAbK) (jraM/ia otbbtob, Mcnojibsyeworo 

Ha 3TOM 3Tane, saAaTb necTonaxorKAenMe 
KaTanoroB wwwroot m ftproot. IlpM ao- 
MHCTannnpMM IIS xaranor iisHelp 6yAer » 
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» YAa/ieH, a Kara/iorn Inetpub m inetsrv ocia- 
Hyrcfi Ha KOMnbiOTepe. 

Aonon H MTen bH bie 
KOMnOHeHTbl IIS 

IIS BK/uoHaer MHo>KecTBO flonoAHme/ib- 
HblX KOMHOHeHTOB, KOTOpbie MO>KHO yCTa- 

HOBMTb M/1M yflaAMTb c noMOipbio annHeia 
«Add or Remove Programs* naneAM ynpae- 
AeHMB. Hn>Ke 6yAer paccMorpeHo Haana- 
HeHMe 3TMX KOMHOHeHTOB M MX BAMBHMe HB 
(JryHKAMOHaAbHOCTb IIS. OaMAbI AAA kom- 
HOHeHTOB Active Server Pages, Internet 
Data Connector, Server Side Includes m 
WebDav npu ycranoBKe w2k3 c Hynn kohm- 

pyHDTCB Ha KOMHblOTep, HO COMM KOMHO- 
HeHTbi no yMOAHaHMK) oTKAioHeHbi. IlpM yc- 
TaHOBKe w2k3 b KanecTBe obHOBneHMH Bce 

KOMHOHeHTbl IIS HO yMOAHBHMK) 6yAyT 
BKAIOHeHbl. 

BITS Server Extensions 

BITS (Background Intelligent Transfer 
Service) BBAJieTCJi MexauMSMOM (Jjohobom 
nepeAaHM AaHHwx m ynpaBneuMB onepeAn- 
MM. BITS MMHMMM3Mpyer (JraMAOBbie aanpo- 
Cbi aaa yBeAMHeuMB nponycKHOM cnoco6- 
HocTM M yMeubmeuMB BpeweHM otkamka 
cepBepa. VciaHOBKa BITS noaBonneT 
odecneHMBaTb na aeb-cepaepe neobxoAM- 
Mbiii ypoBeHb KanecTBa obcayrKMBaHMB 
(Quality of Service, QoS). 


flpM BcePi CBoePi pacnpocTpaHeHHOCTM IIS, 
HeCOMHeHHO, HBAHeTCfl H6 eAMHCTBeHHbIM 
AOCTynHbiM seS- m FTP-cepsepoM. Oaho 
M3 maBHbix npeMMymecTB IIS — bo3mo>k- 
HOCTb ero paQoTbi b lecHOM MHTerpapMM 
c APyrMMM cny>K6aMM w2k3, laKMMM kbk 
A ctive Directory. OAHaKO, bo3mo>kho, b He- 
KOTopbix cnyHanx 6onee npeAnoHTMienbHbiM 
OKa>KeTCH MCn0Ab30BaHMe npOAyKTOB CTO- 
poHHMX cpMpM MAM TaK Ha3biBaeMbix o6ner- 
HeHHbix pemeHMM. CpeAM Be6-cepBepoB 
MO>KHO HaoBaib Apache, KOTopbiM, He 6yp,y- 
HM oSAerHeHHbiM, KyAa 6oAee KOMnaKieH, 
HeM IIS (www.apache.org), TinyWeb 
(www.ritlabs.com/tinyweb). Abyss Web 
Server (http://abyss.sourceforge.net). 
kl3 HaMboAee pacnpocTpaneHHbix FTP- 
cepBepoB aah Windows mo>kho OTMeiMTb 
Serv-U (www.serv-u.com), WarFtp 



CnHCOK AOnOnHHTeAbHbIX KOMHOHeH' 
TOB Internet Information Services 


Common Files 

B peAflx noBbimeHMA ypoBHs beaonacHocTM 
Be6-cepBepa bosmowho oiKAioHMTb ycrauoBKy 
HeKOTopbix obiAMx (jraMAOB, OAHaKO ecAM CAO- 
Aaib 3T0, TO IIS He 6yAeT ycTanoBAen BOBce. 
flo3TOMy npM MHCTaAAAAMM IIS paapeiAMTe yc- 
TaHOBKy 3Toro KOMnoneHTa m npM neobxoAM- 
MOCTM orpaHMHMTb nepeueHb CAywb m cepBM- 
coB oTKAiOHMTe MX B CHMCKe «Common Files*. 

File Transfer Protocol (FTP) Server 

flpoTOKOA FTP McnoAbayeTCA pj\!\ obneHa 
4)aMAaMM CyAaAeHHbIMM KOMUblOTepaMM. 

B paMKax HaujMx aaAan — obycTpoMCTBa 
AOKBAbHOM CeTM — HaCTOBTeAbHO peKOMeH- 
AyeTCfl ycTaHOBMTb 3 tot KOMnoHeHT. Ero mc- 
noAbaoBaHMe nosBOAMT opraHMaoBaTb obMOH 
4)aMAaMM Ha cepaepe 6ea neobxoAMMocTM ma- 


(www.jgaa.com/index.php?menu=154), 
VisNetic Ftp Server (www.deerfieid.com 
/products/visnetic_ftpserver). 06r\ap,ai\ Bce- 
MM HeObXOAMMbIMM CpyHKLlMHMM AAH OpPaHM- 
3apMM yAobHoro m beaonacHoro FTP-cepse- 
pa, OHM BeCbMa KOMnaKTHbl. VCTaHOBMTb 
M HaCTpOMTb MX AOBOAbHO UpOCTO. 




TM Ha KOMnpoMMCCbi B o6ecHeHeHMM 6ea- 
onacHocTM, na KOTopwe hohtm HaaepHAKa 
npMiuAocb 6bi noMTM npM McnoAbaoaaHMM aaa 
3TMX LieAeM w2k3 b KanecTBe (jjaMA-cepaepa. 

Frontpage 2002 Server Extensions 

flaHHbIM KOMHOHeHT nOSBOAAeT npOCMBTpM- 
BBTb M peAaKTMpOBBTb coAopwMMoe Be6- 
caMTa. flpM noMoiAM 3tom nporpaMMbi mo>kho 
He TOAbKO dbiCTpo coaAaBaTb cafiTbi na CBoeM 
cepBepe, ho raxrKe coaAaaaTb, peAaKTMpoaaTb 
M paaweiAaTb Be6-CTpaHMAw na IIS yABAenno- 
ro cepaepa. Ecam KOMnoneHT FrontPage 2002 
Server Extensions ne 6yAer ycTanoBAen, to 
KOHMpOBaTb (fiaMAbI Be6-CaMTa M M3MeHATb 
ero HacTpoMKM npMAeTCA BpyHHyK). 

iiS Manager 

IIS Manager ABAAeTCfl rpaejjMHecKMM MHTep- 
(jjeMCOM aaa aAMMHMCTpMpoBaHMfl Be6-cepBe- 
pa. Bea McnoAbaoBaHMA Aannoro KOMnoneHTa 
ocyigecTBAATb ynpaBAenne BeO-cepeepoM 
MO)KHO, HO AAA 3TOrO npMA6TCA MCnOAbaOBBTb 
CKpMHTbl, KOTOpbie B CBOK) OHOpeAb MCHOAbay- 
K)T IIS API aaa coaAaHMA caiiTOB, nacTpoMKM 
npMAOWeHMM, BMpTyaAbHbIX AMpeKTOpMM, 
a TaKAce napaMOTpoa OeaonacnocTM. 

NNTP Service 

FlpoTOKOA NNTP McnoAbayeTCA p,m pacnpo- 
cTpaneHMA hobocthwx paccwAOK MewAy cep- 
BepaMM HOBocTeii m NNTP-KAMenTaMM. Ecam 
KOMH blOTep He nABHMpyeTCA MCnOAbaOBaTb 
B KanecTBe news-cepaepa, ycTanaBAMaaTb 
3T0T KOMnoneHT ne cAeAyeT. 

SMTP Service 

FlpOTOKOA SMTP M0)KH0 MCHOAbaOBaTb AAA 
opraHMaariMM noHTOBoro MHTpaneT-cepBepa. 

3tot KOMnoneHT TaKwe 6yAeT ycTanoBAen npM 
MHCTaAAAAMM CAy}K6bl POP3 Ma KOMHOHeHTOB 
w2k3 e-mail services. » 


E 


AjIbTepHaTMBbI iiS 


Be6- v\ FTP-cepBepbi cropoHHMx c|)MpM 
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» World Wide Web Publishing Service 

3tOT KOMnOHeHT flOJDKeH 6blTb yCTaHOB/ieH 
flaj) Bbino/iHeHMJi IIS ero ochobhom cfjyHK- 
u,\Av\ — pa6oTbi B KanecTBe Be6-cepBepa. 
World Wide Web Publishing Service BKniouaeT 
cneAyioiMMe noflKOMnoHeHTbi: 

► Active Server Pages — 6e3 flanHoro kom- 
noHenia neBosMOKHo 6yAer ncno/ibaoBaHue 
Ha cepaepe ASP-cipaHMA. 

► Internet Data Connector — stot KownoHeHT 
HeobxoAMM Ann bo3mo>khocth o6pa6oTKH (Jraii- 
aoB .idc, KOTopbie Mcno/ib3yioTcji b IIS Ann yKa- 
3aHnn mctohhmkob abhhwx ODBC, mmoh no/ib- 
BOBareneii, mabnoHOB m oneparopoB SQL Ann 
oSweHa AaHHbiMM c baaawM ashhux. 

► Remote Administration (HTML) — MHiep- 
(JreMC yAaneHHoro aAMMHMCTpi/ipoBaHMn Ann 
IIS. Plcnonb30BaTb 3 tot KOMnoneHT cneAyer 
ocTopo)KHo M, norKanyii, b nennx besonacHo- 
CTM He CTOMT ero ycTanaBJiMBaTb, ecnw net 
ocrpoM HeobxoAMMOCTM yAaneHHo aAMMHM- 
cTpupoBaib CBOM cepBep. 

► Remote Desktop Web Connection — aro 
KOMnoHeHT ActiveX Ann yAanennoro aAMMHw- 
cipupoBaHHn. Coobpa>KeHMn oTHocMrenbHo 
HeobxoAMMOCTM ero ycianoBKn ananorMSHbi 
npeAbiAyiASMy nyHKiy. 

► Server Side Include — Aanubiii KOMnoneuT 
HeobxoAMM Ann KoppeKTHoro oTobpa>KeHMn 
(Jjafi/ioB .shtm, .shtml m .stm, Koiopwe mc- 
no/ib3yioTcn Ann roro, nrobbi cobupaTb cipa- 

HMAbl M3 rOTOBbIX HBCTeM M BCTaBnnTb B HMX 
peBynbiaibi paborw paa/iMHHbix CKpunroB. 

► WebDAV Publishing. Cnyncba Web 
Distributed Authoring and Versioning 
(WebDAV) BO MHoroM cxonra c FTP, oAuaKo 
MoweT obecneHMTb aaiAMiy npu noMoigM 
naponn m ujM(|)poBaHMe npu nepecbmKe ash- 
Hbix Ha Beb-cepaep nocpeACTBOM SSL. 


► World Wide Web Service — bes 3tom cnynr- 
bbi IIS He cMower npeAocTaB/inib Aociyn 
K Beb-caMiaM. 

HacTpoMKa Be6-cailTOB 

flnn onybnMKOBaHMn Beb-crpaHMA na cepeepe 
cyigecTByeT Asa ochobhwx BapuaHTa: saAarb 
eige OAHy AnpeKTopmo b pawKax Beb-caMia 
no ywo/iHaHMio v\m we C03Aarb Aononnnrenb- 
HbiM Beb-caMT, KOTopbiM byABT AocryneH 
Ha oTAenbHOM IP-aApece m nopie. 

flnn onybnMKOBaHMn xaranora Ha ywe 
MweroiAeMcn caMie mowho cosAaib HOByio 
BMpiyanbHyio AwpeKTopMio nubo neno- 
cpeACTBeHHo B IIS Manager, jinbo npocro 
B CBOMCTBax Karanora b FlpoBOAHMKe 
Windows Bbibpaib cooTBercTByioiAyKi 
onAMio Ha BxnaAxe «Web Sharing*. 

ripM 3T0M HeobxoAMMo ynecTb Asa BawHbix 
MOMenra. Bo-nepaux, npaaa Aocryna na xara- 
nor AonwHbi bwTb BbicraBnenbi na nreHMe Ann 
«Everyone» (acex), b npoiMBHow cnynae by- 
Aer HeB03MoweH anoHMWHbiM Aocryn k 3Towy 
BMpryanbHOMy Kaianory — Beb-cepaep 3a- 





ripM onySriHKOBaHHH Karaaora c noMO- 
ll^bK) ripOBOAHHKa aHOHHMHblH AOCTyn 
Heo6xoAMMO paapeuiHTb abho 


ipebyer aBTopM3aL(Mio. Bo-BTopbix, npM onyb- 
nMKOBBHMM Karanora c noMoigbio IlpoBOAHMKa 
anoHMMHbiM Aocryn k Karanory no yMonnaHMio 
BbiKniOHeH, M HeobxoAMMo BKnioHMTb ero nB- 
Ho. flnn 3Toro hbao b CBOMCTBax BMpryanbHO- 
ro Karanora b IIS Manager Bwbparb BKnaAKy 
«Directory Security*, aarew b rpynne «Authe- 
ntication and Access Control* nawarb KHouKy 
«Edit» M ycranoBMrb (|)na)KOK «Enable anony- 
mous access*. flpnwK Ann sanycKa caMoro IIS 
Manager mowho uaurM b rpynne «Aammhm- 
crpMpoBaHMe* nanenM ynpaeneuMn. 

Co3Aarb HOBbiM Beb-caur c noMoiAbio IIS 
Manager coBcew He cnowHo, noarowy mw ne 
byAew noApobno na aroM ocranaBnMBarbcn. 

riocne ero cosAanun cneAyer Bubparb IP- 
aApec cepBepa m nopr, KoropwM byAer Mcnonb- 
30Barbcn Ann AOCryna k caiiry. SareM Heobxo- 
AMMo yKaaarb MecroHaxowAewMe cfiaMnoB 
crpaHMA, cocraBnnraiAMx caiir (Home Directo- 
ry), a raKwe napaMerpw besonacHocrM m, bo 3- 
MowHo, McnonbsyeMbie ISAPI-(|)Mnbrpbi. 

Co3AaHHbiM Beb-caiir byAer Aocrynen 
cpaay we no aaBepmeHMM ero HacrpoMKM. » 
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HacTpoiiKa Hoeoro Be6-caiiTa, cosAaHHoro cpeACTBaniH IIS 


JTfTriT— 1 ■? -TIN ' .e , - 





Bbi Mowere opraHHSOBaTb HecKO/ibKO FTP-caMTOB, KOTopbie 
6yAyr pasMeiueHbi Ha oahom <t>H3HHecKOM cepaepe 


» fljifl co3AaHMfl M ocj)opM;ieHMfl ero coAep>KM- 
Moro Bbi Mo>KeTe Bocno/ibSOBaibCfl nporpaM- 
MaMM fl/ifi BepcTKM caMTOB, HanpMMep 
Microsoft Frontpage. 

HacTpoMKa FTP-cepsepa 

B L(e;ioM HacipoMKa FTP-cepsepa oseHb 
HanoMMHaer HacrpowKy Be6-cepsepa. 3flecb 
TaKwe M0)KH0 noMMMo CTpyKTypbi Kara;ioroB 
B \Inetpub\ftproot aaAaib eme m Buprya/ib- 
Hbie Kara;iorM, Kpowe roro, KownoHeHT IIS 
FTP Service nosBo/ifieT opraHnaoBarb na ofl- 
HOM (|)M3MHeCKOM Cepsepe HeCKO/IbKO FTP- 
caMTOB, KOTopbie 6yAyi npeACTasaaTbCB ksk 
pasAMHHbie BMprya/ibHbie FTP-cepsepbi. flaji 
3Toro Heo6xoAMMo aanycTnib IIS Manager 
Hepea npnbiK b nanKe «AAMMHncTpMpoBa- 
HMe» nanenM ynpasneHMs n na KOHieKCTHo- 
ro Menio rpynnw «FTP S1tes» Bbi6parb nyHKT 
«New ^ FTP S1te». 

ripM coaASHMM FTP-canra oahmm m sarn- 
Hbix napaweipoB AB/ifleTcn yposenb naona- 
AMM noAbaoBareneM, or ero HacrpoMKM aa- 
BMCMT, cMoryr AM noAbaoBareAM aaxoAMTb 



. — ^ •- — _ 

*■ _ 



B CBOMCTBax FTP-caiiTa saAaioTcn oc- 
HOBHbie ero napaivieTpbi: pacnoAome- 
HHe Ha AHCKe, ypoBeHb Aociyna k Ka- 
TaaoraiM h t. a- 


B AOMaiAHMe KaraAorM APyrMx noAbaosaie- 
ASM. KpoMe Toro, IIS noaBOAser yKaaaib 
ypoBeHb AocTyna noAbaoBareAeii ko scewy 
caMTy Ha nreHMe mam aanMCb. 

B HacTpoMKax FTP-caMia mowho aaASTb psA 

AOnOAHMTeAbHbIX napaMSTpOB, laKMX K3K no- 

AoweHMe KaraAora c coAepwMMWM FTP-caMia, 
ypoBSHb AocTyna k oTAeAbHWM noAKaraAoran, 
coobigeHMA, sbiAasaeMbie noAbaoBareASM npM 
BxoAe M BbixoAe c FTP-caMia m t. a- 

OCobeHHO Ba>KHO obpaiMTb BHMWaHMe 

Ha HacTpoMKM, AocTynHbie na BKAaAxe «FTP 
Site» CBOMCTB FTP-caMTa. 3Ascb, b nacTHo- 
CTM, aaAaercA IP-aApec cepsepa m nopr, 

Ha KOTopoM 6yAer AocTynen FTP-cepsep 
c 3TMM caMTOM. CaMo co6om paayMeercA, hto 
H ecKOAbKo FTP-caMTOB He MoryT McnoAbao- 
BaTb OAMH M TOT )Ke IP-SAPSC M HOpT. 


HacTpaneaeM 
noHTOBbiM cepsep 

Oahmm Ma HaMboAee McnoAbayeMwx b kom- 
nblOTepHblX CeTAX CepBMCOB ABAAeTCfl 3ABK- 
TpoHHaa noHTa. FloASMBmaACA npaxTMHecKM 
oAHOBpeMeHHo c ceTAMM, oHa CTaAa HeaaMe- 
HMMbiM cpeACTBOM obigeHMA M nepecbiAKM 
paaAMHHbIX AaHHbIX. B AOKaAbHbIX KOMHbK)- 
TepHbix ceTAx noHTa TaxrKe lAMpoKO McnoAsay- 
eTCA B CMCTeMHOM aAMMHMCTpMpOBaHMM A-BA 
oTnpaBKM paaHoro poAa othbtob, yseAOMAe- 
HMM, cnpasoK M T. n. 

Ecam paccMaTpMBaTb He6oAbmyio ceTb 
KOMHbiOTepoB B paMKax OAHoro paMOHa ropo- 
Aa, TO M aAecb 3AeKTpoHHaA noHTa 6yAST He- 
becnoAeana, c ee noMoigbio mo>kho opraHM- 
aoBbiBSTb paaHoro poAa MH(|)opMaAMOHHbie 
paccbiAKM, a TaK)Ke o6ecneHMBaTb csnab noAb- » 



KoHKypeHTbi He p,pet^n\OT 


Cny>K6a POPS, exoAHLAan b cocTae w2kS, 
n03B0AAeT AOBOAbHO AeCKO 0praHM30BaTb 
noHTOBbiM cepBep noHTM Aio6oro MaciiJTa- 
6a: OT AOMaiAHero cepaepa Ha HecKOAb- 
KMX noAb30BaTeAevi c MHTerpapMeM b 
A ctive Directory ao MaccoBOM noHTOBoPi 
cny>K6bi c xpaneHMeM aaiiJMCppoBaHHbix 
naponeki m pacnpeAeneHMeM noAbaoBaTe- 
A6M no HeCKOAbKMM nOHTOBbIM AOMOHaM. 
Flo BecbMa BepoHTHO, HTO y Koro-To OKa- 
>KyTCA CnepMCpMHeCKMe yCAOBMH, B KOTO- 
pbix 6onee yAo6HbiM 6yAeT noHTOBbiii cep- 
Bep C HeCKOAbKO MHOii 4>yHKL(MOHaAbHOM 
HanpaBAeHHOCTbK). 

AnbTepHaTMB npeAocTaTOHHO. Microsoft 
Exchange Server 2000/2003 — cpeACTBO 


nocTpoeHMH CMCTeM o6MeHa MHCpopMauMeM 
ypoBHA 6oAbiiJoro npeAnpMATMH. Mo>kho ot- 
MeTMTb Kerio Mail Server (www.kerio.com 
/kms_home.html), noAHOCTbio MHTerpMpyio- 
LAMMCH c Active Directory, ho oOAaAaioLAMM 
npM 3T0M PHAOM AOnOAHMTeAbHbIX B03M0>K- 
HOCTevi, cpeAM KOTopbix noAAep>KKa SMTP- 
ayreHTMCpMKapMM, nepHbix comckob cnaMe- 
pOB, CMCTOMa (pMAbTpapMM BMCeM, 
aHTMBMpycHan aaiAMTa, yAo6HbiM Be6-MHTep- 
cpevic M MHoroe APyroe. FleAb3A He OTMeTMTb 
TaKOM noHTOBbiM cepBep, KaK MDaemon 
(www.altn.com), o6AaAaK3iAMM m6KMMM 
cpeACTBaMM MapiijpyTMaapMM M CpMAbTpapMM 
noHTbi, a TaK>Ke noAAeprKKoii npoTOKOAOB 
6e3onacHoro noAKAioHeHMA. 
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» soBareneM Apyr c ApyroM b ycnoBnax, kotab 
H enocpeACTBeHHoe o6iAeHne, cKaweM, b nare 
no TBM unn umbim npnnnHaM HeBOBMOWHO. 

POP3 + SMTP = 
noMTOBon CMCTeivia 

fl/iB pa6oTbi aneKTpoHHOM noHibi b w2k3 nc- 
nojibByercB cepBuc POP3, o6ecneHMBaK)iAHM 
nojiyneHne no;ib30BaTe;ijiMM coo6iAeHHM 
c noHTOBoro cepBepa, a raKwe xpaHenne 
M ynpaBneHMj) noHTOBbmn yseTHbiMM sann- 
CBMM Ha cepaepe. flnji ornpaBKM coo6iAeHnii 
M Ann MX nepeAaHM or cepaepa k cepaepy 
Mcno/ibByercji cepanc SMTP, KOTopbiii ycra- 
HaB/iMBaeTCfl k3k nacTb noHioBoro cepBMCa 
BMecre c P0P3-cepBMCOM. 

CMcreMa aoct3bkm aneKTpoHHOM noHTw 
pa6oTaer no onpeAe/ieHHOMy npoioKony m 
noBBonaeT b cooTBeiCTBMM c onpeAeneHHbiw 

npOTOKOnOM CKaHMBaib nOHTOBbie C 006 lAeHMB 
c cepaepa Ha /lOKa/ibHbiii Kownbiorep no/ibso- 
aaTe/in. CepBMc POP3 a KanecTae raKoaoro 
Mcnojibayer, kbk mo>kho 6bmo npeAno/iowMTb, 
npoTOKon POP3, KOHipo/iMpyrotAMM ceanc caa- 



3M Me>KAy P0P3-KnMeHTOM M noHTOBbiM cepB6- 
POM, Ha KOTOpOM XpaHHTCa COo6lAeHMB. 

ripM aAMMHMcrpMpoaaHMM pa6oTbi cepBMca 
POP3 npMXOAMTCfl ynpaaaarb ero AeMCTBMBMM 
Ha rpex opraHMaapMOHHbix ypoanax: na ypoa- 
He noHTOBbix cepaepoB, noHToabix aom6hob, 
a T3K)Ke oTAenbHbix nonroabix aiamkob. PIoh- 
TOBbiM cepaepoM aaaaeTca KOMnbioTep, na ko- 
TopoM ycTaHoaaeH cepBMC POP3 m c KoropbiM 
coeAMHaiOTca no/ibaoBarenM Ana nonyaeHMa 
noHTbi (nanpnMep w2k3net.sampLe.org). 

rioHTOBbm AOMeH AonareH 6biTb aapern- 
crpMpoaaH k3k AoweHHoe Mna, HHTepneT- 
npoaaiiAep Aonwen co3Aaib MX-aanncb (Mail 
eXctiange). BnpoHew, ecnn npeAnonaraerca 
nepecbiaKa noaibi aniub a pawKax He6oabmoM 
aoKaabHOM ceiM, to 3to npaanao co6aK)AaTb 
Heo6a3arenbHo. KawAowy noabaoBarenK), 
BxoAaiAeMy a aombh, npMHaAnewMT noHToabm 
aiAMK (nanpMwep user@ sampLe.org), koto- 
pbiii cooTaeTCTayeT xaraaory a noHToaoM xpa- 
HMaMige, b KoropoM naxoAarca nncbMa ao mo- 
MeHTa MX nonyneHMa. 

floHTOBoe xpaHMimiite 

rioA noHTOBbiM xpaHMaMigeM noHMMaeica xa- 
ranor, b KOTopoM cepanc POP3 xpaHMT acio 
noHTy AO Toro, xax noabsoBarenM 3a6epyr ee 
c noMoigbio noHToabix KnMeHToa. 

B o6iAew cnynae CTpyxiypa nonioaoro 
xpaHMaMiga MorxeT 6biTb cneAyioiAeM. Ha no- 
xaabHOM AMCKe abiAenaerca xaianor Ana xpa- 
HeHMa nOHTOBbIX COo6lAeHMM. ripM C03A3HMM 
noHTOBoro Aowena cny>K6a POP3 Aenaer a xa- 
ranore nonroBoro xpaHMaMiga cooTBercTByx)- 
lAMM noAxaraaor. flaa xarxAoro noabsoBareaa 
M3 onpeAoaeHHoro noHToaoro Aowena C03Aa- 
erca noAxaranor a xaiaaore, coBAaHHOM Ana 
3Toro AOMena. KarxAoe noaroBoe coo6iAeHMe, 


aApecoaaHHoe noabaoBaieax), coxpaHaerca 
a noAxaranore noabaoBareaa b bma 6 oTAeab- 
Horo (JraPiaa ao lex nop, noxa noabaoBareab 
He noayHMT 3to coo6iAeHMe c noMoigbX) noa- 
ToaoM nporpaMMbi-xnMeHTa. 

K npMMepy, noanbiPi nyrb x (JraMay c coo6- 
igeHMeM, noayaeHHbm no aaexrpoHHOM noa- 
le, Morxei 6birb raxMia: 
C:\inetpub\maiLroot\maiLbox\sampLe.org 
\P3_username.mbx\P865341.emL 

SASCb maiLroot cooTBeTCTByer xaraaory 
xpaHMaMiga coobigeHMM, sampLe.org aaaaeica 
AMpexTopMeii noaroeoro Aoiaena, P3_user- 
name.mbx — AnpeKTopna noaroaoro aigMxa 
noab30Bareaa username, a P865341.emL — 
oTAeabHoe coxpaneHHoe coobigenMe. 

Llpaea na Aocryn x (jraMnaM m noAxaraao- 
raM a noaroBOM xpaHMaMige OAnnaxoBW Ana 
xarxAoro noAxaiaaora. Llpu nacTpoMxe xpaHM- 
aMiga npaBa na Aocryn x ero noAxaranoraw 
AaxjTca Toabxo Ana aoxanbHux m AoweHHbix 
aAMMHMCTpaiopoB, a Taxrxe yaeiHOM sanMCM 
«Network Service*, noA xoTopoii sanycxaerca 
cny>x6a POP3. Hmxbxmm APyruM noabsoBare- 
aaM npaa Aocryna x noaioaoMy xpaHMaMigy 
He npeAocTaBaaerca. 

ycTOHaBUMBaeM nonry 

Hrax, nocae MHoroaMcaeHHWx npMroToaaenMM 
M paabMpareabCTB npumaa nopa aanaibca 
AenoM. Haaarb caeAyei c ycranoexM cay>x6 
POP3 M SMTP. flobaBMTb POP3 mowho aepes 
nynxT «Add/Remove Windows Components* 
annaera nanenM ynpaaaeHMa «Add or Remove 
Programs*. flpM awbope cayrxbw POP3 cay>x6a 
SMTP 6yAeTTax)xe aBTOMaiMaecxM abiOpana. 

ripM 3T0M Ha nepabix nopax caepyeT bo 3- 
Aeprxaibca ot McnoabsoaaHMa cpeAcra bamm- 
HMCipMpoaaHMa aepea ae6-MHTep(|)eMC. 14c- » 
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» no;ib30BaHMe 3Toro MHTepc()eMca 6e3 ao;i>k- 
Hoii HaCTpOMKM COnpjl)KeHO C pSAOM B03MO>K- 
Hbix 6pemeM b cucTewe 6e3onacHocTn, Kpone 
Toro, Mbi MCXOAMM M3 npeAno;io}KeHMJi, hto 
aAMMHMcrpMpyeM noxa To/ibKO oamh cepaep, 
Ha KOTopoM pa6oTaeM b xanecTBe BOKa;ibHoro 
no;ib30BaTe/iJi, rax hto yAa/ieHHbm Aocryn ne- 
pe3 Be6-MHTep(J)eMC 3Aecb M36biTOHeH. 

flocneAHMe uirpiixM 

rioc/ie Ao6aB/ieHMB po/iM nonioBoro cepaepa 
BHeiiJHMM BMAe oxHa npn;io}xeHMji Manage 
This Server necxonbxo M3MeHMTcx — renepb 
3Aecb 6yAer sHaHMTbcx po/ib «Mail Server 
(P0P3)» M 6yAer AocryneH nyHXT p,m\ ynpae- 
neHMfl C03AaHHbiM cepaepoM. 

B annnere ynpaaneHHfl cepsHcoM POPS 
(ero MorxHO aanycTMTb nepea apnbix «P0P3 
Service® m 3 rpynnw «Administrative Tools®) 
cneAyoT nepeA cosAanneM nonroBoro AOMena 
cpaay onpeAe/iHTbca, xaxoii tmh ayieHTM^M- 
xapMM 6yAer McnonbaoBaTbcn, nocxonbxy 
B AanbHeiiiijeM CMena TMna ayreHTMcfrMxaAMM 
6yAer conparxena c 6onbujMMM rpyAHocTfiMM. 

riocne co3AaHMji Heo6xoAMMbix nonroBbix 
AoweHOB MorxHo co3AaTb nonbaoBarejibcxMe 
nOHTOBbie JIIAMXM. ripM 3TOM ec^M PJ\!\ cepBB- 
pa Bbi6paHa ohamb «Always create an associ- 
ated user for new mailboxes® («BcerAa co- 
3AaB3Tb Ana hobwx noHTOBbix juamxob coot- 
BeicTByxriAero nonb30BaTe/iB»), to cootbot- 
CTByxriAMe no/ib30BaTe/iM 6yAyT C03AaaaTbCB 
B cHMCxe Boxa/ibHbix noBbsoBaTe/ieii na cep- 
Bepe, TAe padoTaeT cny>x6a POPS. 

Ha 3TOM HacTpoMxy homtobom cMCTeMw 
MOrXHO CHMTaTb SaXOHHeHHOM. flnfl nOBHOTbl 
XapTMHbl CneAyeT OTMeTMTb, HTO B COCTaB 
CTaHAapTHoro noHTOBoro POPS-cepsepa w2k3 
BxoAMT Taxrxe xoMCo/ibHan yTMBMTa winpop. 


Bo3mo)xho, MMena ona npMAeTCx no axycy 

TOM, XTO npMBbIX pa6oTaTb C XOMaHAHOM CTpO- 
xoM, Tax xax winpop nosBonxeT ocyiAecTBxxTb 
donee TOHxyx) HacTpoMxy. 

Ciiy}K6bi o6ii4eHiin 

He Menee BarxHbiwM, HerxejiM Bed-, FTP- 
M noHTOBbie cepBMCbi, BBnxxjTCB cnyrxdbi, 
npeAocTaB/iBxriAMe B 03 M 0 )XH 0 CTb HenocpeA- 
CTBeHHOrO odlAeHMB B CBTM C nOMOlAbX) xo- 
POTXMX COodlAeHMM. B 3 TMX C/iyHaflX MO)XHO 
opraHM 3 oaaTb nndo HaT-cepeep, nndo IM- 
cepaep. FnaBHoe, HTodw see nojibaoaaTenM 
MornM nerxo ycTaHOBMTb m HaCTpoMTb coot- 
BeTCTByxjiAMe x/ineHTCXMe nporpaMMw. 

B cTBHAapTHOM nocTBBxe w2k3, x corxane- 
HMX), HBT IM-cepaepa, ecTb numb cjiyrxda co- 
odiAeHMM Messenger. 3 tb c/iyrxda nosBonxeT 
nocbixaTb yseAOMxeHMX Ha xoMnbxrTepw noA 
ynpaaneHMeM Windows 2000/XP. Oahbxo b 
oTXMHMe OT Instant Message-cepaepa ona 
npeAHaananeHa exopee Anx axcTpenHwx eny- 
naea, nerxexM Anx noBceAHesHoro odigeHux. 
(PaxTMHecxM 3 Ta cxyrxda xanxerex odonoHxoii 
HBA xowaHAOM net send m McnojibsyeTCx aA- 
MMHMCTpaTOpaMM ceTM A^x onoBeiAeHMx noxb- 
aoBareneM o neodxoAMMocTM npon 3 BOACTBa 

XaXMX-XMdo A 6 MCTBMM. 

kl3 npocTbix HaT-xxMeHTOB B pBMxax CeTM 
MO)XHo OTMeTMTb Intranet Chat (http:// 
vnalex.tripod.com), a raxrxe Friendly Chat 
(www.kilievich.com/rus/fchat/). Ode npo- 
rpaMMbi no3Boxxx)T opraHM30BaTb odigeHMe 
de3 Mcnoxb30BaHMx AonoxHMTexbHwx cep- 
BepHbix xoMnoHeHTOB (xoTx Anx Intranet 
Chat cyigecTByeT cepBepHWM BapuaHT, 
n03B0nXK)lAMM odteAMHMTb HeCXOXbXO nOA- 

ceTeii). Friendly Chat odnaAaer xyAa donee 
npMBnexaTenbHbiM MHTepcfieMCOM m donb- 


UJMMM B03M0}XH0CTXMM, XOTX erO HaCTpOMXB 

3HaHMTenbHo cnorxHee. 

B xanecTBe naT-cepBepa mo>xho Mcnonbso- 
BaTb OAMH M3 BApMaHTOB peaxM3aAMM jabber- 
npoToxona (www.jabber.org). Jabber xBnxercx 
HadopoM noToxoBbix npoToxonoB Ha ocHOBe 
XML M TexHonorMM, no3Bonxx)iAMX nxrdbiM odt- 
exTBM B klHTepneTe odMenMaaTbcx coodiAeHMx- 
MM, AaHHbIMM 0 CBOBM COCTOXHMM M APyrOM 
CTpyxTypMpoBBHHOM MH(J)opMauMeM noHTM B pe- 
>XMMe peanbHoro apeMeHM. CyigecTByeT MHorxe- 
CTBO peanM3aAMM aroro npoToxona xax Anx 
cepaepoB, Tax m xnMeHToa, b nacTHocTM ecTb 
Jabber-nnarMH Anx aecbMa nonynxpnoro IM- 
xnMBHTa Miranda (www.miranda-im.org). B 
xpaMHeM enynae mo>xho BocnonbaoaaTbcx 
deennaTHbiM cepaepoM ICQ Groupware — 
npoexTOM paapadoTHMxa nporpawMbi ICQ 
(jjMpMbi Mirabilis, xynneuHOM BnocneACTBMM 
America Online. 

SoKiiioHeHiie 

Hrax, Windows Server 2003 npeAocTaenxeT 
doraTbie bo3mo>xhoctm no yAodnoM peanMsa- 
AMM b paMxax noxanbHOM cbtm MHoroHMcnen- 
Hbix cnyrxd: aed- m FTP-cepaepa, anexTpoH- 
HOM noHTbi, (jjaiinoBoro cepaepa m MHorMx 
ApyrMx, 0 xoTopbix y>xe dwno cxaaano. Bmb- 
CTe C TBM HeXOTOpbIX CepBMCOB, TaxMx, HanpM- 
Mep, xax odMBH XOpOTXMMM COodlABHMXMM, 

B w2k3 Her, m b 3tmx cnynaxx npMXOAMTCX 
MCxaTb M Mcnonb30BaTb CTopoHHMe paapadoT- 
XM. Ho, xax dbi TO hm dwno, lUMpoxMe bo3- 
MorxHocTM w2k3 penaxjT 3Ty nnaTcfiopMy aecb- 
Ma npMBnexaTenbHOM Anx McnonbsoaaHMx, 

B HaCTHOCTM B HedonbllJMX CeTXX, TAe OCHOB- 
Hbie cnyrxdbi TpedyeTcx peanM3oaaTb dwcTpo, 
HBAerxHo M npocTo. 

■ ■ ■ /leHvic IlaTpaKOB 
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SaiMMTHMKM cepsepa 




CTeHOM» 


N 


KorAa Mbi HaHUHaeM Aywaib o saiAnie cein, nepeoe mto npuxoAHT b ro- 
;iOBy — 3TO c/iOBO firewaU, Koiopoe b pyccKOM BapnaHie SBynm Menee 
6;iaro3ByHHO — «6paHAMay3p». flePicTBHTe;ibHO, ot 3Toro npoAyKia, 
KOTopbiPi MOKei 6biTb n nporpaMMOM n >Ke;ie30M, 3aBHCni, HacKo;ibKO 
xopoujo ceib 6yA6T 3aiAniAeHa. 


paHAMayap 0B;i;ieTC!i tom «orHeH- 
Hoii CTeHOM», KOTopafl 6yflei or- 
pa>KAaTb Bac ot BpeAworo bo3A6m- 
CTBM» 0Kpy>KaK)iAeM cpeAbi noA 
Ha3BaHM6M HHTepneT. Ha ceroAHfliuHMM ASHb 
Ha pbiHKe cyiAecTByeT orpoMHoe Ko;iMHecTBo 
npoAyKTOB, Bbino/iHflioiAMX 4)yHKAMM firewall. 
CTOMMOCTb T3KMX peiUeHMM MOWeT 6blTb paB- 
Ha Hy;iK) (HanpMMep, peHa ICF, BXOAfiiAero 
B cocTaB Windows Server 2003, BKniOHeHa 

B CTOMMOCTb OnepaAMOHHOM CMCTeMbi), 

a MorneT cocTaanriTb m ascbtkm twcah Aori- 
napoB. A^in Toro htoOw paaoOpaTbCB b 3tom 
MHOroo6pa3MM npoAyxTOB m CAenaTb npa- 
BMnbHbiM BbiOop, HeoOxoAMMo cHaHa/ia KpaT- 
KO 03HaK0MMTbCB C TeOpMOM CeTOBOrO B3aM- 
MOAeMCTBMB M BblBCHMTb, OT HerO )Ke MbI BCe- 
TBKM ACHlWHbl SaiAMlAaTbCn. 

3iueiiOHiipoBaHHan 

o6opOHO 

Ann Toro HToObi npoM3BOAMTenM ceTesoro 
oOopyAOBaHMfi m nporpaMMHoro oOecneHeHMn 
Ann Hero MornM oOiAarbcn na oahom nsbixe 


Hr- 





M oOeCneHMBaTb COBMeCTMMOCTb CBOMX 
ycTpoMCTB, 6bma paapaOoTana Tax HaawBae- 
Man MOAenb OSI (Open System Inter- 
connection). Ona coAep>KMT ceMb ypoBHOM, 
KawAbiM M3 KOTopbix oOecneHMBaeT Bbinonne- 
HMe onpeAeneHHOM nacTM cereBbix ((ryHKAMM 
npM oOMene AaHHbiMM b cotm. 

B npopecce oOwena MHtJropMaAMeM MerxAy 
AByMn KOMnbioTepawM BaAeiicTBOBaHbi Bce 
ceMb ypoBHeii 3 tom MOAenM, opnaxo peanM30- 
BaHO 3TO TaKMM o6pa30M, HTO npOTOKOn OA- 
Horo ypoBHfi He noAoapeaaeT o cyiAecTBosa- 
HMM npoTOKonoB Apyroro ypoBHB. HanpMMep, 
npoTOKon HeTBepToro ypoBHn nepeAaioiAeM 
CTaHAMM B3aMMOAeiicTByeT c npoToxonoM 
TonbKO HeTBepToro ypoBHn npMeMHOM ctbh- 
AMM M T. A. PaaOMeHMe Bcero nopnA^a B3aM- 
MOAOMCTBMn Ha oTAe/ibHbie ypoBHM AaeT pa3- 
paOoTHMKaM B03M0)KH0CTb 3aHMMaTbCn 
peanM3aL(MeM KarxAoro ypoBHn nesaBMCMMo. 

HanpMMep, npoM3BOAMTenM cereBbix xapT 
He oOnaaHbi anaTb, xaxMe nporpaMMw OypyT 
oOMeHMBaTbcn AaHHWMM Me>KAy co6oii, a npo- 
M3BOAMTe/iM KaOenbHOM npoAyxLiMM xarero- » 
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» puM 5 yBepeHbi, hto no mx Ka6e;iio 6yfler ma- 
th Tpa(|)MK, creHepMpoBaHHbiii ;iio6om cere- 
BOM KapioM, noAAep>t<HBaioiAeM craHAapT 
Ethernet. 3HaHne ypoBHeri ashhom MOAe.nM 
Heo6xoAMMO M npn noHMMaHMM CTpaierMM 
aaiAMTbi TioKanbHOM ceiM, noaioMy xpaiKo 
paCCMOTpMM 3TM ceMb ypoBHeii. 

Hm)khmm ypoBHew moabtim OSI nBaneTCB 
(j)M3MHeCKMM ypoBeHb. Oh onpeAeaseT tmo 
cpeAbi nepeASHM, KOAMpoBaHMe AaHHWx, 
MeroAbi nepeASHM, (jjopwy m inn paateMOB. 
flpyrMMM cnoBaMM, cTaHAapibi paaiseMOB 
(HanpMMep RJ-45), MOAy/iBAMM m TOMy 
noAoSnoe othocatcji k craHAapiaM (|)M3 m- 
HeCKoro ypoBHji. 

BiopoM ypoBBHb HaawBaeTCJi ypoBHeM 
Kanana AaHHWx. Oh o6ecneHMBaeT (jjMSMHe- 
CKyio aApecaAMK), yBeAOMJieHMji o6 oiijm 6- 
Kax, nopjiAOK AOcrasKM KaApoB m ynpaaae- 
HMe nOTOKOM ASHHblX. 06blHHO (JjyHKAMM 
3Toro ypoBHB peaaM30BaHbi b ceieBOM aAan- 
Tepe M B KOMMyrarope. FlpMMepoM ciaHAap- 
Ta 3Toro ypoBHfi fiB;iflK)TCJi paaaMHHbie aapn- 
aHTbi npoTOKoria Ethernet. 

TpeTMM ypoBeHb — cereBoii, Ha new pa6o- 
Taer nporoKon IP, KOTopwii o6ecneHMBaei 
BaaMMOABMCTBMe Me)KAy CeTHMM. HeiBepTblM 
ypoBeHb — TpaHcnopTHbiii. Oh oTBenaei 
3a BaaMMOABMCTBMe Me)KAy npMnorneHMfiMM. 
TpeTMM M HeTBepTbIM ypOBHM BBnfHOTCn ca- 
MblMM BaWHblMM CTOHKM 3peHMH CBTeBOTO 
B3aMMOAeiicTBMfi M ceTeBoii 6e3onacHocTM. 
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» Ha 3TMX ypoBHjix pa6oTaK)T ocHOBHwe nporo- 
Ko;ibi, Mcno/ibayeMbie b MHiepHere (IP, TCP, 
UDP, ICMP). CeTBBOM ypoBeHb o6ecne4HBaeT 
AocraBKy paHHbix newAy ;iio6biMM ABywJi ya- 
nam B CBTM, npn 3tom oh hb 6eper Ha ce6ji 
HMKaKMx o6fi3aTe;ibCTB no naAewHocTM nepe- 
ABHH AaHHbix. 3tmm aaHHMaeicfi rpaHcnopr- 
Hbiii ypoBBHb, KOTopbiM o6ecneHMBaeT nepe- 
A3Hy AaHHbix wewAy nio6biMM ya/iauM cbth 
c Tpe6yeMbiM ypoBHBM naAewHocTM. 3to- 
ro Ha TpaHcnopTHOM ypoBHe MweioTCfl cpeA- 
CTBa ycraHOBJiBHHfi coeAMHeHMs, nyMepapMH, 
6y4)epM3annM m ynopsAo^MBaHHfl naKeioB. 
ripMMepoM npoTOKona c rapaHTMpoBaHHow 
nepBAaneii AaHHbix sanfiBTCB TCP. 

rijITblii ypOBBHb — CBaHCOBblii, OpraHM- 
3yBT Awanor mbwav npopBccaMM na paanwx 
MaiBMHax. LUbctom — ypoBBHb npBAciaBnB- 
HHH. Ero 3aAaHBii JIBaBBTCJI TpaHCnSAMB H3 

OAHoro 4)opMaTa AaHHbix b ApyrwB, okbimb 
A aHHbix, lllM4)pOBaHMB M T. A- CBAbMOii — 
ypOBBHb npM/10)KBHMM. Ha 3T0M ypOBHB 
pa6oTaiOT npn;io>KBHmi, c kotopwmh mmbbt 
ABJ io nonb30BaTB;ib. 

rijITbm, lllBCTOM M CBAbMOii ypOBHM MbI 
6yASM pacCMaipMBaTb b AaHHoii craibB kbk 
OAMH, TBK KBK C TOHKM 3pBHM5l CBTBBOii 6 b 3- 
onacHocTM pa36nBHi/iB BaaMMOAeiiCTBMfl 
MBWAy CMCTBMaMM Ha 3TH ypOBHH HB CyiAB- 
CTBBHHO M MOWBT CKOpBB 3anyTaTb, HBWBJIM 
npojiCHMTb CHTyapMK). flns nonnoTbi KapiM- 
Hbl MbI npOCTO npMBBnM Ha3BaHMJI 3THX 
ypOBHBii, KOTOpWB B Aa.HbHBiimBM 6yABM 
HaabiBaib ypoBHBM npMaowBHMii. 

flocTpoeHne saiuiiTbi 

MraK, 03HaK0MMBlllMCb CO BCBMM ypOBHBMH 
CBTBBOrO BaaMMOAeiiCTBMJI, MbI MOWBM HaHaTb 
CTpoMTb aaiAMTy unn Ka>KAoro ypoBHfi OTABnb- 


HO. COOTBBTCTBBHHO, Bbl6MpaTb npOAyKTbl, KO- 
TOpblB n03B0njlT HBM nOnyHMTb HBo6xOAMMyiO 
(JjyHKAMOHa/IbHOCTb, HyWHO TO)KB p,m Ka>KAO- 
ro ypOBHfl B OTAB/IbHOCTM. flBJlO B TOM, HTO HB 
BCB firBwall pa6oTaiOT na Ka>KAOM H3 cbmm 
ypoBHBii, M Bbi6op KOHKpBTHoro HpoAyKTa 6y- 
ABT aaBMCBTb OT HaiHHX 3aA3H M, pa3yMBBTCfl, 
OT (fiMHaHCOBbIX B03M0>KH0CTBii. Han6o/1BB 
nO/IHbIB pBlliBHHB pa6oTaiOT Ha BCBX ypOBHfIX, 
HaHMHafi CO BToporo. 

Ha BTopoM ypoBHB MOAenM OSI naxoAHicfi 
npoTOKon EthBrnBt. HBCMorpfi na to hto 3tot 
npoTOKon onpBAenjiBT nopjiAOK BaaMMOABii- 
CTBMB BHyTpM noKaabHOM CBTM, 3a4acTyio HB 
HyWHO, 4To6bl BCB KOMHblOTBpbl BHyTpM CBTM 
MMBnM AocTyn ko bcbm bobmowhum pBcyp- 
caM. 0 co6bhho 3to cnpaBBA/iMBO A^ifi 6 bc- 
npoBOAHbix cBTBii. rio3TOMy MHorpa mo>kbt 
oKaaaTbCB wBJiaTB/ibHWM, HTo6bi firBwall 
o6BcnBHMBa/i (jjMnbTpapMio naxBTOB, nocTy- 
naioiAMX m3 cbtm, no Tax HaawBaBMbiM MAC- 
aApecaM cbtbbwx xapT, to bctb npaxTMHBCKM 
no (j)M3MHBCKOMy aApscy KOMnbiOTBpa. 

KawAas CBTBBaji KapTOHxa noc/iB bnxoab 
C KOHBBMBpa npOM3BOAMTB;iJI MMBBT CBOii 
yHMKa/ibHbiii MAC-BApec, no xoTopoMy bb 
MO)KHO MAeHTMC()MHMpOBaTb. HBCMOTpjl HB 
3T0, cyiABCTByioT nporpaMMHbiB npoAyxTbi, 
KOTOpbIB yMBIOT nOAMBHBTb 3TM aApSCB, nO- 
3TOMy Ha 100% no/iaraTbCB na tbkom cnoco6 
MAeHTMCjjMKapMM HOn b30BBTBnBM BCB-TBKM 
HB CJIBAyeT. C OAHOii CTOpOHbl, 3B KOMHblOTB- 
POM, B KOTOpOM yCTaHOBJlBHB CBTBBBB KapTB 
C AOBBpBHHbIM MAC-BAPSCOM, MO)KBT CMAOTb 
KTO yroAHO. C APyroii CTopoHW, kbk y>KB 6bi- 
;io CKaaaHo, anoyMbimnBHHMK mo>kbt npocTo- 
HanpOCTO HBpBXBBTMTb nOCbl/IBBMblB KBpTOM 
naKBTbi M noAMBHMTb B HMX MAC-aApsc 
CBTBBOii KapTbl. 


HanMcaB chmckm poCTyna (b nporpaMMHOM 
oObchbhbhmm, nocTBBnJiBMOM c annapBTHbiM 
6paHAMay3poM, m;im b firBwall-nporpaMMB ot 
CTO pOHHMX npOMBBOAMTBnBii) ((jMJlbTpa- 
AMM Tpa(|)MKa Ha BTOpOM ypOBHB, B C/iyHBB HB- 
oOxOAMMOCTM MbI AO/DKHbl HBpBMTM K 3aiAMTB 
CBTM Ha CnBAyiOlABM, TpBTbBM ypOBHB. 

Ha 3TOM ypoBHB paOoTBBT npoTOKon IP, ko- 
Topbiii ocyiABCTBnjiBT MapmpyTM3aL(Mio naxB- 
TOB. KaWAblii KOMHblOTBp B PlHTBpHBTB MMBBT 
CBoii yHMKa/ibHbiii IP-aApec. iloaTOMy, bc/im mw 
HB XOTMM nOJiyHBTb TpacJjMK OT KaKOfo-nMOo 
KOMnbiOTBpa M/IM L(B/10ii CBTM, MbI AOn/KHbl BHB- 
/lOTMHHbiM oOpaaoM HanMCBTb cnMCKM AoCTyna, 
yKaaaB b hmx HB/KBnaTBnbHWB IP-aApeca. 

OAHaKO aanaCTyio y hbc hbt bo3mo>khoctm 
aapaHBB yanaTb, KaxaB CBTb bb/ibbtcji Hape/K- 
Hoii, a KaxaB — hbt. Bobbb toto, hotbham- 
anbHO onacHbiM ny/KHO CHMTBTb ;iio6om kom- 
nblOTBp B HhTBPHBTB M, HToObI MBKCMMa/lbHO 
o6B30naCMTb Cb6j| ot B03M0)KHblX BTBK, HBM 
HBoOxOAMMO npOnyCKBTb Tpac()MK TOnbKO A/1/1 
Hy/KHbIX npM/10)KBHMM. B pB3y/1bTBTB MbI HOA" 
HMMBBMCJl Ha HBTBBpTblii ypOBBHb. Ha A3HHOM 
ypOBHB MbI 6yABM aaiAMlABTb CBTb, OCHOBblBa- 
flCb Ha 3HBHMM TOTO, KBKMB npM/IO/KBHMB y H3C 
paOoTaioT. HanpMMBp, mh 3hbbm, hto b namBii 
CBTM BCTb TO/lbKO nOHTOBblii CBpBBp. BhBHMT, 

MbI AO/l>KHbl paapBlBMTb TO/lbKO COBAMHBHMJl 
no npoTOKO/iBM SMTP m POP3 m aaKpwTb bcb 
OCT a/IbHbIB npOTOKO/lbl. 

SanacTyio cbmb onBpaAMOHHa/i cmctbmb 

OTKpblBBBT paa/lMHHbIB HOpTbl A/1/1 CBOMX C/iy- 
)KB6HblX AB/lBii, HTO MO/KBT 6blTb MCn0/1b30- 
BBHO XBKBpaMM A/1/1 npOHMKHOBBHMB B HBI/Jy 
CBTb. Ka/KAOB npM/10)KBHMB, KOTOpOB o6mB- 
HMBBBTC/1 AaHHbIMM HO CBTM, MCnO/1b3yBT 
npoTOKO/1 (SMTP, HTTP m APyrMB), KOTopoMy 
npMHMCaH OnpBAfi/lBHHblii HOMBp, TBK Ha3bl- » 
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» BaeMbiM HOMep nopra. Ec;im mw xotmm Aony- 
CTMTb SMTP-rpatjJMK B HameM cern, to b Ha- 
cTpoiiKax firewall hbao paapemnib pa6oTy 
no nopry 25. HeKOTopwe nponaBOAMTenn 
firewall o6nerHaiOT namy wnsHb b 3tom bo- 
npoce M He aacTaBaaroT yHMTb HawaycTb ho- 
Mepa nopTOB Bcex nporoKoaoB, a ncnoabay- 
K)T MX caoBecHoe onMcaHne. 

MHorne HBAoporne pemeHna orpaHMHM- 
BaWTCa BOaMO)KHOCTbK) aaiAMTbl Ha TpeTbeM 
M HeTBepTOM ypoBHax MOAean OSI. flaa orpa- 
>KeHMfl 6oabiaMHCTBa yrpoa aioro Mowei oxa- 
aaTbca AocTaroHHo, oah3ko A.na noanoM aa- 
lAMTbi ceTM Heo6xoAMMa aaiAMTa m na ypoBne 
npnao)KeHMM. Hto 3to anaHMT? 

flonycTMM, BHyrpM ceiM ecTb Be6-cepBep 
M Mbi HacTpoMan Ham firewall na nponycxanMe 
naxeioB Toabxo na 3tot cepeep m Toabxo 
no nopry 80, hto cooTBercTByer noAAep>*<Ke 
HTTP-npoTOKoaa. 0ah3ko b aioOoM npo- 
rpawMHOM oOecneneHMn ecTb om»6m, m Be6- 
cepBepw He aBaaroTca MCxaiOHeHMaMM. Xaxep 
MorxeT nocaaTb cnerinaabHo cKOHcrpyMpoBaH- 
HbiM aanpoc na earn BeO-cepeep. 06pa6oTKa 
aanpoca npMBeAer k omMOxe, hto noBaener 
aa C060M m6o «naAeHMe» cepaepa, an6o 
noayneHMe aaoyMwmaeHHMKOM KOHTpoaa hba 
HMM M, BoaMo>KHo, AocTyoa K aoKaabHoii ceTM, 
B KOTOpOM 3TOT CepBep HaXOAMTCB. 

3a 2003 roA bo bcbm MMpe 6biao MHorxe- 
CTBo BMpycHbix 3nnAeMMM, McnoabayioiAMx 
omnOKM B peaaMaaAMM BeO-cepaepoB. HtoOw 
MCXaiOHMTb BOaMO>KHOCTb nOAoOHOTO pOA3 

arax, hboOxoammo npoaeparb na bxoas b na- 
my ceTb ne roabxo IP-aApeca m HOMepa nop- 
TOB OTnpaBMTeaa m noayHareaa aanpoca, 

HO M caeAMTb aa xoppexTHocTbx) cjropMaTa 
HTTP-aanpocoB b caynae c BeO-cepsepoM. 

PeaaMaanMa aaiAMTbi na ypoane npMao- 
rxeHMii aBaaercfl HerpMBMaabHOM aapaneii, 
nosTowy ecan bw OyAere ncxarb firewall, 
o6aaAax)iAMii raxMMM (jryHxpMflMM, to npn- 
roTOBbTecb noTpaTMTb AOCT3TOHHO xpyoHyx) 
cyMMy Aener. B HexoTopwx caynaax npo- 
MaBOAMTeaM BeO-cepaepoa oOaernaxrT nan 
rxMaHb M Bbinycxax)T Aaa cbomx npoAyxTOB 
yTMaMTbi, BbinoaHflXMAMe poab firewall 
ypoBHfl npnaorxeHMM, nanpMwep yTManra 
URLScan p,m IIS xoMnaHMM Microsoft. 

rioMMMO anaaMaa OTAeabHwx naxeroB mv\ 
HeOoabmnx rpynn naxeroB na npeAwer nx na- 
AerxHocTM, cymecTByxrT 6oaee MHreaaexry- 
aabHbie CMcreMbi, cnocoOnwe anaanaMpoBaTb 
caorxHbie MopeaM Tpatjrnxa m npeAynperxAarb 
0 BoaMorxHbix araxax. HanpMMep, cxannpoBa- 
HMe nopTOB aaaaeTca BoaMorxHOM npMHMHoii 
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BHeiiiHHM BHA annapaTHoro 6paHAMay- 
apa Cisco PIX Firewall 


Aaa OecnoxoiicTBa aAMMHMCTparopa. Paayne- 
erca, ecaw firewall oxaaaaca 6bi b cocroaHMM 
oOnapyrxMTb cxaHnpoBanne m BpeweHHo aa- 
xpbiTb Bce nopTbi, TO T3xaa ((jyHxpMa Moraa 6w 
oxaaaTbca aecbMa noaeanoM. CncTeMbi, xoto- 
pwe Moryr oOnapyrKMib xaxepcxyxr nan bm- 
pycHyx) axTMBHocTb, ocHOBWBaacb na anaanae 
BxoAaiuero rpacjaixa, HaawBaxjTca Intrusion 
Detection System (IDS). HaaMHue raxoil 
(JjyHxpMOHaabHocTM MorxeT noBanaTb na 
Bbi6op cpeACTBa aaiAHTw. 

Bce BMAbI o6opOHbl 

riperxAe new nepeiiTM x paccMorpeHMX) xoh- 
xpeTHbix MopeaeM, cnanaaa BwacHMM, xaxM- 
MM eme MHTepecHbiMM (jjyHxpnaMM worxer 
oOaaABTb firewall. Ecan firewall paOoraer na 
rpaHMpe werxAy aoxaabHOM cerbx) m Hnrep- 
HeroM, TO HeoOxoAMMO, htoOw oh Bbinoanaa 
(jjyHxpnx) TpaHcaariMM aApecoB (NAT — 
Network Address Translation). 3to oananaeT, 
HTO BHyrpM ceTM MbI oObIHHO MCHoabayeM 
Tax HaawBaeMbie nacTHwe IP-aApeca, xoto- 
pbie MorxHo McnoabaoBaTb b npeAeaax co6- 
CTBeHHOM aoxaabHOM cbtm, ho Heabaa mc- 
noabaoBarb b klHTepHere. HtoOw noaynMTb 
AocTyn X MHcjropMapMM b klHTepHere, h3m 
H eoOxoAMMO npeo6paaoB3Tb HacTHbiii IP- 
aApec Hamero xoMnbxrrepa b nyOaMHHbiM, 
BbiAaHHbiii npoBaMAepoM. 

B nocaeAHee Bpena aaAana raxoM rpanc- 
aanMM OTHOCMTca 6oabme x craHAapTHbiM 
(jjyHxpMaw wapmpyTMaaropa. Tax, HanpMwep, 
B Windows Server 2003 3to HacrpaMBaerca 
B cBOMCTBax Routing and Remote Access 
cepBepa. 0ah3xo b cMcreMax Linux rpanc- 
aanMa aApecoB asaaerca nacTbx) cjjyHxpMM 
firewall. H re m Apyrne no-CBoeMy npaBbi, 
Tax xax, c oahom cropoHbi, NAT aaaaeTca 
npoToxoaoM MapmpyTMaapMM, nocxoabxy oh 
wapmpyTMaMpyeT rparjjMX c opHoro MHrep- 
(|)eMca (cereBOM xaprbi) na Apyroii. C APy- 
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Norton Personal Firewall — npeACTa- 
BHTenb ceMeiicTBa Personal Firewalls 


roM cTopoHbi, NAT aBaaerca MHcrpyMeHTOM 
OeaonacHocTM, rax xax cxpwBaer xoMnbxrre- 
pbi B aoxaabHOM cbtm nyreiH TpaHcaapMM IP- 
aApecoB Bcex xoMnbxrrepoB b oamh MaM He- 
cxoabxo peaabHbix IP-aApecoB. 

rioMMMo coOcTBeHHo saiAMTbi firewall mo- 
>xeT orpaHMHMBaTb AoCTyn x l/lHrepHery Aaa 
noabSOBareaeM aoxaabHOM cbtm. Ecan bw 
H e xoTMTe, HToObi noab30B3TeaM Bameii cbtm 
cxaHMBaaM m 3 klHrepHera My3wxy, BMAeocJraM- 
aw MaM CTpaHMpw onpeAeaeHHoro coAeprxa- 
HMa, TO HeoOxoAMMo Mcxarb firewall c nop- 
AeprxxoM rexHoaorMM content filtering, 
xoTopaa orpaHMHMBaer AOCTyn x canraM 
BblOpaHHbIX B3MM XaTBTOpMM. 

HeoOxOAMMO nOMHMTb, HTO nOMMMO BHBm- 
HMX yrpo3, X xoTopwM OTHOcarca araxM BMpy- 
coB M xaxepoB, He nenbrnyx) onacHOCTb Moryr 
npepcTaBaaTb m c3mm noabaoBareaM aoxaab- 
HOM CBTM. rio yTBeprxAfiHMaM paaaMHHwx 3a- 
naAHbix xoMnaHMM, aaHMMaxriAMXca paapaOoT- 
XOM CMCTBM 6e30naCH0CTM, 80% BCeX B3aOMOB 
ocymecTBaaeTca C3 mmmm corpyAHMxaMM. B 03 - 
MorxHo, B poccMMCXMx ycaoBMax 3 tot npopeHT 
Hecxoabxo MeHbme, tbm hb Menee He caeAyer 
06 3TOM 3a6biBaTb. flo3TOMy ecaM B Bameii 
CBTM ecTb xoH(|)MAeHHMaabHaa MHcfropMapMa, 
TpeOyxrmaa cepbeanoM aaiAMTw, to Mweer 
CMbica ocyigecTBaaTb x hom Aocryn raxrxe 
nepea BHyrpeHHMM firewall. 

Hard mm soft? 

nepeMABM Tenepb k paccMoipeHnio KOHKper- 
Hbix npoflyKTOB. Firewall mo>kho paafle/imb 
Ha ABa Tuna: 

► peiueHMfl, 3aiAMiAaK)LAMe oTAe/ibHbm kom- 
nbioTep (Personal Firewall); 

► pemeHMfl, pa6oTaioLAne Ha rpaniiAe /lOKa/ib- 
HOM ceTM M 3aiAMiAaK)LAMe bck) ceib. 

BiopoM TMn Mo>KHo pa3Ae/iMTb eme na 
ABe rpynnbi: 3 to nporpaMMHbie m annapai- 
Hbie cpeACTBa. » 


CHIP 


SPECIAL 


NO 1 1 


52 EESOHACHOCTb npeflOTBpaiLieHHe speflOHOCHbix BTopweHuPi 



» flonHasi 6esonacHOCTb 
AOpOrO CTOMT 

Han6o;iee nonyaapHbiMM annapaTHbiMn peme- 
HMjiMM aBaaroTca Cisco PIX Firewall (www. cis- 
co. com/go/pix) M Checkpoint Firewall-1 
(www.checkpoint.com). 3 to AOBonsno c/io>k- 
Hbie M Aoporne peujennji, aaiAniAaroimie Bamy 
ceib na Bcex ypoBHfix n oCecneHnBaromne 
B03M0)KH0CTb C03AaHMfl SaiAMlAeHHbIX KaHa- 
noB MewAy cernMn nan we>KAy yAaJiewHbiM 
noabaoBareneM n ceibio (VPN). MMenno b cm- 
ay AoporoBM3Hbi npnMeHenne noAohnoir lex- 
HMKM Moryr no3BoanTb ce6e loabKo AocraioH- 
Ho 6orarbie KOMnannn. 

HacTpoMKO luiapuipyTiisaAiiii 

Ecan y Bac He6oabiaaa cerb nan bh roroBW 
nornepTBOBaTb onenb bwcokom npon3BOAn- 
TeabHOCTbK), TO MOWHO orpaHMHMTbca npo- 
rpawMHbiM pemenneM, Koropoe 6yAer pa- 
6oTaTb na ycipoiicTBe, ocymecTBaaioiAeM 
MapiapyTMaapnK). Ecan MapiapyrnaaiopoM 
aBaaercfl Windows Server 2003, to oh o6aa- 
AaeT HeoOxoAMMOM c()yHKAMOHaabHocTbio 
Aaa aaiAMTbi ceTM na TpeTbew m neTBepTow 
ypoBHflx MOAeaM OSI. 

HacTpoMKa Windows Server 2003 b xanecTBe 
MapmpyTMsaTopa c noAAeprxKOM firewall m NAT 
ocymecTBaaeTCfl b KOHcoaw Routing and 
Remote Access (RRAS). FlepeA Tew xax HanaTb 
HacTpoiiKy, HaAo anaTb IP-aApec, KOTopbiii Aaa 
npoBaiiAep, m onpeAeawTbca, Kaxwe aApeca 6y- 
Ayr Mcnoab30BaTbca b Hameii aoKaabHoii cbth. 
BHyrpn aoKaabHwx ceTefi Moryr ncnoabsoBaTb- 
Cfl aApeca oahoto m 3 Tpex AHanaaoHoa: 

10.0.0.0 — 10.255.255.255, 192.168.0.0 — 
192.168.255.255 an6o 172.16.0.0 — 172.31. 
255.255. TaKMe aApeca HWKorAa He 6yAyT npM- 
CBoeHbi peaabHbiM ceTeewM ycTpoiicTBaM m 
KOMU biOTepaM, AocTynHbiM M3 klHTepneTa. 

Flocae BbiacneHMa 3 tom MH(|)opMa4MM ne- 
o6xoammo aaiiTM b KOHcoab RRAS m yOeAMTbca 



B TOM, HTo B CHMCOK upoTOKoaoB MapmpyTM3a- 
AMM BKaiOHeH NAT/Basic Firewall. Ecan aroro 
HeT, TO ero HyrxHo AodaBMTb. 

fleaaeTca 3 to HawaTMeM npaeoM khohkm 
M biujKM Ha nyHKTe «General» m BbiOopoM nyHK- 
Ta MeHK) «New Routing Protocol*. 3areM ne- 
o6xoammo yxaaaTb cepeepy, xaKOM MHTepcfieMC 
(ceTeeaa xapra) aBaaeTca BHyrpeHHMM, a xa- 
KOM BHeiuHMM. Ha>KMMaeM npaByio KHonxy mw- 
lUM Ha nyHKTe «NAT/Basic Firewall*, Bbi6npaeM 
«New Interface*, yxaabiBaeM HyrKHbm MHTep- 
(JreMC M TO, HBaaeTca an oh BHyTpenHMM (pri- 
vate) Man BHeujHMM (public). flaa BHemnero 
MHTeprJreMca Taxwe neo6xoAMMo yxaaaTb p,m- 
naaoH aApecoB, BbiAaHHbiM npoBauAepoM. Flo- 
cae 3Toro nacTpoMKa NAT 6yA6T saKOHMena. 

BapMaHTbl SaiMMTbl 

Flocae nacTpoMKM NAT HeoOxoAMMO Bw6paTb 
TMn firewall, ecan mw npeAnoaaraew noasao- 
BaTbCfl BHyTpeHHMMM cpepcTBaMM onepapM- 
oHHoii cMCTeMbi. Windows Server 2003 
npeAaaraeT naM Asa BapnaHTa. flepBbm — 
McnoabaoBaHMe npocToro firewall (basic fire- 
wall). flpM 3TOM firewall no yMoanaHMio 6yAeT 
nponycKaTb b ceTb ToabKO tot TpacjjMK, koto- 


pwM 6bia M3 nee MHMLiMMpoBan. HanpuMep, 
ecaM noabaoBaTeab nbiTaeTca oTxpbiTb Be6- 
CTpaHMHKy Ha yAaaennoM cepaepe, to TpacJrMK 
OT cepaepa k 3TOMy noabaoBaTearo 6yA6T 
nponyiAen. Ecan we KaxoM-auGo xoMUbxjTep 
B klHTepneTe nonbiTaeTca cbm noayuMTb ao- 
CTyn X xoMnbXTTepy b nameM aoxaabHOM cbtm, 

TO 3TM nonbiTXM 6yAyT noanocTbX) npecexaTb- 
ca. Ho ecaM b Hameii ceTM ecTb cepeepw, 
HanpMMep noMTOBwii, xoTopoMy hboGxoammo 
npMHMMaTb aanpocbi na noAxax)HeHMa, to 

eCTb B03MO)KHOCTb C03A3Tb COOTBeTCTByXMAMe 
Mcxax)HeHMa. flaa SToro hbao homtm b xoh- 
coab RRAS, naiiTM b neii nynxT «NAT/Basic 
Firewall*, b npaaoM oxne BwOpaTb tot MHTep- 
(jreMC, xoTopbiii «cmotpmt b CTopony* npo- 
BaiiAepa, m Bw6paTb BxaaAxy «Services and 
Ports*. Flocae SToro Heo6xoAMMo nocTaBMTb 
raaoHxy nanpoTMB HaaeaHMa cooTBeTCTByxr- 
igero cepeepa m yxaaaTb ero IP-aApec b ao- 
xaabHOM ceTM. 

flaa MHOTMx He6oabmMx ceTeii Taxoii aa- 
lAMTbi 6yAeT AocTaTOHHo. Ecan we y Bac ywe 
ecTb onbiT HacTpoiixM firewall, to bw MoweTe 
cawocToaTeabHo onpeAeaaTb xoHxpeTHbie 
npaBMaa Aaa naxeTOB Ha ocHOBe IP-aApecoB, 
HOMepoB nopTOB M npoToxoaoB. B oxho bbo- 
Aa npaBMa mowho nonaCTb, nawaa XHonxM 
«Inbound Filters* m «0utbound Filters*, 
xoTopbie pacnoaaraxTTca tbm we, cAe mw 
onpeAeaaaM tmow MHTep4>eMcoB. 

EcaM M 3TMX BoaMowHocTeii noxaweTca 
HeAocTaTOHHo, M Bbi xoTMTe aaiAMipaTb CeTb 
Ha Bcex ceMM ypoBHax, to b 3tom cayaae 
Microsoft npeAaaraeT CBoii npoAyxT noA na- 
3BaHMeM IAS Server (Internet Acceleration 
and Security). FIommmo (|)yHXAMM oGecnene- 
HMa beaonacHocTM, 3 tot npoAyxT BxaxrnaeT 
B ce6a npoxcM-cepBep, xoTopwii McnoabayeT- 
ca Aaa xamupoBauMa Be6-CTpaHMA m TaxMM » 
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» o6pa30M ycKopaeT flocryn k pecypcaw 1/lHrep- 
Hera. floaTOMy b HasBaHnn npopyKia m npn- 
cyrcTByer c;iobo Acceleration. 

flepcoHanbHbie 
re Jioxpa H MTeim 

B pjifle c/iynaeB y Bac ner bo3mo>khoctm po- 
BepwTb CBOK) 6e3onacHocTb ceieBowy firewall, 
HanpwMep, ec/in bw nyremecTByeTe c noyT6y- 
KOM M/1M BbIXOflMTe B MHTepHeT M3 AOMa. flnji 
laKMx peneii cyipecTByeT K/iacc npoAyKTOB 
noA Ha3BaHneM Personal Firewall, to ecib 
nMHHbiM 6paHAMay3p, Koropbm aaiAMipaeT 
TonbKo Bam KOMnbiOTep. 

UnoTAa raxMe nporpaMMw MHTerpnpyioTCfi 
c aHTMBMpycHbiM FIO Ann o6ecneHeHMji kom- 
nneKCHOM aaiAMTw. KpoMe roro, neKoropbie 
nMHHbie 6paHAMay3pbi o6naA3K)T oahom no- 
neanoM oco6enHocTbK). FlocKonbKy ohm pa- 
6oTaK)T Ha TOM }Ke KOMHblOTepe, KOTOpbIM M 
aaiAMipaiOT, to y hmx ecTb B03M0>KH0CTb onpe- 
AensTb, KaKan nporpaMMa, pa6oTaioiAaJi na 
BameM KOMnbroTepe, nbiTaeTcn BbiMTM b Hh- 
TepneT, k xaxoMy IP-aApecy m nopTy npoM3- 
BOAMTcn o6paiAeHMe. 3 to MoweT oKaaaTbcn 

OHeHb nO/ie3HblM, eC/1M bw He XOTMTe, K npM- 
Mepy, hto6w KaKOM-HM6yAb BMpyc oTocnan 
CBoeMy co3AaTenK) Bce BamM naponn. 

OAHaKO H3AO yHMTbIBaTb, HTO COBpeMBH- 
Hbie nporpaMMbi aobo/ibho nacTo nbiTaroTcn 
BbiMTM B MHTepneT M BbinonHMTb Heo6xoAM- 
Mbie MM ASMCTBMJl, HanpMMBp, npoBepMTb Ha- 
nMHMe o6HOBneHMM Ha caiiTe (|)MpMbi-pa3pa- 
6oTHMKa. rio3TOMy ecnM Bam jimhhwm firewall 
coo6iAaeT, hto Kaxan-To HeM3BecTHan npo- 
rpaMMa nwTaeTcn coeAMHMTbcn c hokmm cali- 
TOM B PlHTepneTe, TO ne ctomt naHMKOBaTb, 

TyT )Ke 6nOKMpOBaTb 3T0T Tpa(|)MK M CXaHMBaTb 
nocneAHMe aHTMBMpycHwe o6HOBneHMB. B03- 
MO)KHO, 3TO npocTO 3anycTM/icB Windows 
Update MnM Real Player nomen McxaTb HOBwe 
ceTBBbie paAMOCTanpMM. 

K Knaccy Personal Firewall othocmtca 
BCT poeHHWM B Windows XP m Windows Server 
2003 Internet Connection Firewall (ICF). He- 
CMOTpn Ha TO HTO 3TOT npoAyxT oOnapaeT 
BeCbMa CKpOMHOM (JryHKAMOHanbHOCTbK), OH 
OHeHb npocT B HacTpoMKe M Ann OonbmMHCTBa 
nonb30BaTeneM m naHMHaioiAMx cMCTeMHwx 
aAMMHMCTpaTopoB Mo>KeT oKaaaTbcn BecbMa 
nonesHbiM. HacTpaMBaeTcn 3 tot firewall b 
CB oiicTBax ceTBBoro noAxnioHeHMfl na BxnaA- 
xe «Advanced», rAe hboOxoammo nocTaBMTb 
ranoHxy nanpoTMB 4)pa3w «Protect my com- 
puter and network by limiting or preventing 
access to this computer from the Internet)). 
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Ec/im Ha xoMnbK)Tepe pahoraer, nanpMMep, 
Be6-CepBep, X XOTOpOMy MbI XOTMM OTXpWTb 
AOCTyn, to neohxoAMMO b HacTpoirxax ICF ne- 
peMTM Ha BxnaAxy «Services)) m nocTaBMTb ra- 
noHxy HanpoTMB «Web Server (HTTP))). 

Ha BxnaAxe «ICMP)) mo)xho paapemMTb 
xoMnbX)Tepy oTBenaTb na xoMaHAy ping m 
ApyrMe 6onee cno>XHbie cnyrxehnwe aanpocbi 
M3 HHTepneTa. HnorAa 3to MorxeT oxa3aTbcn 
none3HbiM, nanpMMep, ec/iM y Bac ecTb ypa- 
neHHbiM xoMnbX)Tep m bbi xotmtb nepMOAMHe- 
cxM npoBepnTb, He «0TBanM/icn)) nn oh ot 
ceTM. OAHaxo ping McnojibayeTcn m npM cxa- 
HMpOBaHMM CeTM B nOMCXaX nOTBHAManbHOM 
rxepTBbi. EcnM bw Bce >xe pemMJiM paapemMTb 
BameMy xoMnbX)Tepy oTBenaTb na ping, to 
nocTaBbTe ranonxy nanpoTMB «Allow incom- 
ing echo request)). EcnM bw ne anaeTe na- 
3HaHeHMB ocTanbHwx napaMeTpoB, to Mxnyn- 
me OCTaBMTb BWXnX)HeHHWMM. 

Kax y>xe ynoMMuanocb Bwme, ICF ohnaAaeT 
AOBonbHO orpaHMHeHHOM (|)yHxqMOHanbHO- 
CTbX), no3TOMy Ann noBwmeHHOM heaonacHo- 
CTM MMeeT CMwcn ohpaTMTb BHMMaHMe Ha pnA 
ApyrMx npoAyxTOB. PaccMOTpMM, hto h3m mo- 
)xeT npeAnorxMTb Personal Firewall na npMMe- 
pe Norton Personal Firewall. 

3Ta nporpaMMa ohnaAaeT npaxTMnecxM 
no/iHWM HahopoM MHCTpyMeHTOB Ann C03Aa- 
HMB HaAerxHOM aaiAMTW. C noMoiqbX) Norton 
Personal Firewall bw Morxere cneAyxriqee. 

► OnpeAenjiTb cTaHAapTHwe npaBMna na 
ocHOBe IP-aApecoB m HOMepoB nopTOB. 

► VxaabiBaTb, xaxMM xoMnbX)TepaM bw paape- 
maeTe AOCTyn x cbomm o6iamm nanxaM, a xa- 

XMM HBT. 

► YxaawBaTb, xaxMM nporpaMMaM paapemen 
BwxoA B klHTepneT. 

► BwfiBnnTb paanMHHwe araxM na xoMnbX)Tep 
c noMoiqbx) MOAynn Intrusion Detection. 

► BwpesaTb pexnaMHwe haHuepw m 3 CTpauMiq 
caMTOB. flaHHan tJryHXAMfl MorxeT oxaaaTbcn 



He OHeHb no/iesHOM b poccmmcxmx ycnoBMsx, 
Tax xax ee (fiM/ibTpw nacTpoenbi na aanaAHwe 
caMTw. Ho, ecTecTBeHHo, ecnM xaxoii-To m 3 
pOCCMMCXMX caMTOB HaHHBT AOXyHaTb HaBH3- 
HMBOM pexnaMOM, npoiqe npocToro pohaBMTb 
ero B HepHbiM chmcox hnoxMpyeMwx cafiTOB. 

► VxaawBaTb, xaxan MHcfiopMaAMn He AonrxHa 
noxMAaTb npeAenw Bamero xoMnbX)Tepa. 

HecMOTpn na xarxyiqyxrcn cnorxHocTb npo- 
AyxTa, OH MMeeT Bno/ine npMeMneMwe pa6o- 
HMe HacTpoMXM no yMonnaHMK), xoTopwe mo>x- 
HO OCTaBMTb H3 nepBOe BpeMH M M3MeHBTb MX 
no Mepe Bamero coBepmeHCTBOBaHMs b o6na- 
CTM cereBOM hesonacHocTM. 

Taxrxe mMpoxo M3BecTeH npopyxT 
ZoneAlarm Pro with Web Filtering xoMnaHMM 
Zone Labs. 3tot firewall MMeeT cohcTBeHHyx) 
6aay caiiTOB, pashMTyx) Ha xaTeropMM. KpoMe 
Toro, nporpaMMa yMeer cxaHMpoBaTb m ananM- 
3MpoBaTb coAeprxMMoe aarpyrxaeMwx cTpa- 
HMA, nocne 3Toro npMHMMaTb pemeHMe 0 npM- 
HaAnewHOCTM CTpaHMiqw x onpeAeneHHoii 
xaTeropMM m npoM3BOAMTb Tonbxo Te Aeii- 
CTBMB, xoTopwe paapemeHw npM noceiqeHMM 
caMTOB 3TOM xaTeropMM. 

Bo/ibmMHCTBO nporpaMM TMna Personal 
Firewall MMex)T oneHb noxorxyx) 4)yHxqMO- 
HanbHocTb M 0TnMHax)Tcn Tonbxo MHTep(|)eM- 
COM M yAohcTBOM HacTpoex. Ha ceroAHnmHMM 
AeHb Ha pwHxe npeACTaBneno AoCTaTOHHO 
honbmoe xo/iMnecTBo TaxMx nporpaMM, m ot- 
AaTb npeAnoHTeHMe xaxoM-nnho m3 hmx ao- 
CTaTOHHo cnorxHo. 

OAHaxo H3AO nOMHMTb, HTO MHC()OpMaAMfl 
B name apeMS aanacTyx) ctomt oneHb Aopo- 
ro. Hehonbman onnomnocTb m/im npocTO ne- 
hperxHocTb npM nocTpoeHMM CMCTeMW 6eao- 
nacHOCTM MorxeT npMBecTM x nenanbHWM 
nocneACTBMHM. Flo3TOMy mw eiqe pa3 nacTOM- 
HMBo pexoMeHAyeM yAennTb BonpocaM 6e3o- 
nacHocTM caMoe npMCTanbHoe BHMMaHMe. 

■ ■ ■ BxHecnaB JlymnHcxnii 
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Eab3 j ] v \ He OCHOBHOH saABMePi ;iio6oPi cepeepHoPi onepapHOHHoPi cncie- 
Mbi jiB/ijieTCB o6ecneMeHne 6e3onacHocTH HHctDopMapnH, xpaHHMoPi kbk 
H a caMOM cepaepe, TaK m na K/iMeHicKMx KOMnbioTepax. He aa;ia hc- 
K;iiOHeHneM h Windows Server 2003. 


C ymecTByioT flse ocHOBHbix KOHLiem^nn 
o6ecneHeHMji 6e3onacHocTn onepaun- 
OHHoii CMCieMbi. nepsaji npeAno/iara- 
er, HTo Ba>KHee Bcero flocryn k pecypcan, 

M ee MowHo c(fiopMy;iMpoBaTb laK — «Pa3pe- 
meHo Bce, Kpowe roro, hto 3anpeiMeHo». Bto- 
paB BBBJieTCB ee AnaMeTpaBbHoPi npornBono- 
BowHocTbK) M macMT: «3anpeiAeHo Bce, Kpowe 
Toro, HTO yKaaaHO BpyHHyio». 

PaHbme Bce onepapnoHHbie cucreMbi 
Microsoft crpoMBMCb, ncno/ibaya nepeyio koh- 
penpuio, TO ecTb b mx ochobo Be>Kaa npuHAnn 
AOCTynHOCTM b yiAep6 6e3onacHOCTH. Ho Bup- 


TyaBbHblM MHp pa3BMBaeTCfl He TOBbKO B /lyH- 
myK) CTopoHy, noBBBfieTCfi Bce 6oBbmee ko- 
BMHeCTBO 3/10yMblUJBeHHMK0B, CTpeMJUAMXCB 
noxMTMTb M/1M HOBpeAMTb He HpMHaABexcaiAyK) 

MM MHCjjOpMaAMIO. H KBK CBeACTBMe 3TOTO 
ypoBHK) 6e3onacHocTM OC ctb/im npeAtfiB- 
BBTbCB 6oBee BbICOKMe Tpe6oBaHMJI. 

B HanaBe 2002 roAa KopnopauMB Micro- 
soft npeAno)KM/ia KOHpenpMio OeaonacHocTM 
SD3+C (Secure by Design, Secure by Default, 
Secure in Deployment and Communica- 
tions — 6e3onacHocTb b apxMTexType, 6eao- 
nacHOCTb no yMonnauMio, beaonaCHOCTb npu » 
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Pmc. 1. Coo 6 i 4 eHHe 06 oiiiMSKe AOCTy- 
na K 3aiuH<t>poBaHHOMy (|>aHny 



» ycraHOBKe m BsanMOfleMCTBue). OAHOBpeweH- 
Ho c 3TMM Microsoft aasBuna o nanaae paapa- 
60 TKM aamnmeHHoii MHc()opMa 4 MOHHoii cn- 
creMbi (Trustworthy Computing), Koropan 
6a3upyeTCB ua nerbipex ochobhwx npuupu- 
nax: o6ecne4eHue 6eaonacHocTM, aaiguTa ;imh- 
Hbix CBeAeuMM, uaAerKHocTb n AenocTHocrb. 

OC Windows Server 2003 Bennercn nepBWM 
npoAyKTOM KopnopariMM, nocrpoeuMbiM c 
Mcno/ib30BaHneM arnx aaeMeuroB. 

Vrpoaa Ann BHyipncereBoii nHrJropMaunn 
Mower McxoAMrb ue ronbKO or BHemuux ncron- 
HHKOB, HO M or AonepHMX KnneHroB caMoii co- 
rn, npuHOM He TonbKO no anoMy ywwcny, ho n 
npocTo n3-3a neonbiTHocrn nonbaoBareneii. 

A aaiAwra or KopnoparwBHoro lunwoHawa ywe 
HecKo/ibKo ner, xax newwr bo maBe yrna npw 
opraHM3aL(HM n paaBeprwBaHMM cerefi mhotox 
npeAnpMBrnii. Windows Server 2003 npeAo- 


craBnner lUMpoKwe bosmowhoctm no oSecnene- 
HMK) SeaonacHocTM pecypcoB noKa/ibHofi cern. 

rioA noHnrneM OeaonacHocrw pecypcoB 
noApaayMeBaercfl paarpannneHMe npae ao- 
cryna m paapemeHHbix MaHnny/iBAMM c oOt- 
OKraMM cern, ro ecrb 6ea mnmm cooreer- 
crByK)iAMx no/iHOMOHMM nonbaoBarejib ne 
CMOwer, HanpMMep, OTKpwrb, yAanwrb vim 
nepewMeHOBarb ror m/im whom pecypc. Orpa- 
HMHeHne Aocryna k oOteKraM wower npoBo- 
Anrbcn necKonbKMMM cnocoOaMM. OcHOBHwe 
M3 HMx — pacnpeAeneHMe npaB m ho/ihomo- 
HMM Ha npoBeACHMe paanMHHwx AeiicTBMM, 
ujM4)poBaHMe M aBropMaariMB. floApoOno 
0 pacnpeAsneHMM npaa m nonnoMOHMM cpe- 
AM nonbaoBareneM cern 6yAer paccKaaano 
B cneAyKMAeii crarbe, a 3Aecb mw paccMorpMM 
Apyrne bo3mo>khoctm OeaonacHocrn, npoAo- 
craanneMbie Windows Server 2003. 



CpeACTBO ayTeHTM(|>MKaL(MM 


□poTOKOJi Kerberos 

flnn co3AaHMH npaKrunecKM nio6oM CMcre- 
Mbi OeaonacHoc™ HeoOxoAMMO npMcyr- 
crsMe B HePi cpeAcrs, noaBonmou^MX npo- 
Bepnrb, HB/inercn jim oObeKr b AsficrBM- 
renbHocrM reM, aa Koro oh ce6n BbiAaer. 
ripopecc raKOM npoBepKM npMHnro naabi- 
Barb ayreHTOCpMKauMeM. 

OcHOBHbiM MexaHkiaMOM ayreHrMcpMKapMM, 
Mcno/ibayeMbiM b Windows Server 2003, hb- 
nnercH nporoKon Kerberos nnroPi BepcMM. 
flaHHbiM nporoKon ycraHOBnen b w2k3 
no yMonHaHMio m He HywAaercn b paaeep- 
rbiBawMM M AononHMre/ibHOM HacrpoMKe. 
EAMHcrBeHHbiM KOMnoHeHr, Koropbm eMy 
HyweH Ann paOorbi, — aro ycraHOB/ieHHbiii 
AOMeHHbIM KOHrpojiJiep. 
riioOoM aanpoc na ayreHrMcpMKauMio npo- 
xoAMr npoBepny necKonbKMMM CMcreMaMM 
Kerberos, nro npaKruHecKM no/iHocrbio mc- 
KnioHaer BOSMOWHOcrb noAAC/iKM cereBoro 


MMeHM. Ero anropkirM HB/inercn CMcreMOM 
MAenrMcpMKauMM, ocHosaHHOM na AoeepHM 
ywe oOpaOoraHHbix Kerberos-K/ikieHroB. flnn 
AOKaaarenbcrsa npoBepKM Kerberos-cepae- 
poM Mcnonbayercn ran naabiBaeMan KBuraH- 
UMB (naKer AaHHbix), npoBepnn ee, cepeep 
npoMSBOAMr MAeHrMcpMKaumo nonsaoBare- 
nn — ecriM OHa npoMAena, ro aanpoc khm- 
enra npMHMMaercn. 

Tan we Ann noArBepwAeHMB riMHHOcrM wim- 
enra b Kerberos npHMenniorcB raK Haabi- 
BaeMbie yAocroBepeHMB. VAOcroBepeHMe 
coAepwMr Aono/iHnrenbHyio MHCpopMapMio, 
Koropan npM cpaBHeHMM noAraepwAaer, 

Hro KnueHr, npeAccraanmou^MM KBuraH- 
pMto, BBnnercB MMeHHO reM, KOMy ara kbm- 
raHpMB 6bina ACMcrBMrenbHO BbiAana. 

3ry CMcreMy mowho CHMrarb caMoPi acpcpeK- 
rMBHoPi M3 Bcex noAoOHbix, cyu^ecrByiomMX 
Ha AaHHbiPi MOMenr. 



HaAG^Han saiAMTO 

EAMHCrBeHHbIM HBAeWHblM CpOACTBOM aaiAMTbl 

MHcjjopMaAMM jiBnflercB ee mn(|)poBaHMe. TaKoe 
yraepwACHMe CBsaano c reM, nro onepapMOH- 
Hyio CMCreMy mowho aarpyanrb ne ronbKO c 
wecrKoro, ho m c ruOKoro AMCKa. 3ro noaBonn- 
er anoyMbimneHHMKy, nonyHMBiueMy 4)M3MHe- 
ckmPi Aocryn k KOMObiorepy, oOoPirM cpeACTBa 
ynpaBneHMB AocrynoM CMCreMW NTFS m, mc- 
nonbayn cneunanbHbie nporpaMMHwe MHcrpy- 
Menrbi, nponecrb MH(J)opMaAMio c wecrKoro 
AMCKa. OrpoMHbie npeMMyiAecraa lUMcJrpoBaHMe 
npeAocraBnser m npM Mcno/ibaoBaHMM ero b 
paarpaHMHOHMM npaB Aocryna k paanMHHoPi 
MHcjjopMaAMM, HaxoABiAePicfl b oSiamx nanKax. 

CMCTeiMO EFS 

OCHOBHbIM MexaHM3MOM UlM(|)pOBaHMB, MCBOnb- 

ayeMbiM b Windows Server 2003, nennercn En- 
crypting File System (EFS, uiM(j)pyK)iAan (jraPino- 
Ban CMcreMa), paOoraioiAafl roBbxo Ha NTFS 5.0 
M BnepBbie nonaMBiuancn b Windows 2000. 

FloyMonnaHMio KOH(j)MrypaL(Mfi EFS noaBons- 
er BceM no/ibaoBare/mM lUMrjjpoBarb/AeiuMrjrpo- 
Barb CBOM ((laPinbi 6ea BcnKoro BMemarenbcraa 
CO CTopoHbi aAMMHMcrparopa, ecrecrBenno, 

B TOM cnynae, ecnM mx Aannwe pacnonaraiorcn 
Ha AncKe c (jjaPinoBoPi cMcreMoPi NTFS 5.0. CaM 
npouecc uiMrJjpoBaHMn/AeuiMrjjpoBaHMB npoMC- 
xoAMT aBTOMaTMHecKM M aOconioTHo npoapanen 
Ann nonbaoBarenn. To ecrb c (jraPinoM mowho 
paOorarb rax we, xax m ao ycranoBKH ero aaipM- 
Tbi. hlanpMMep, mowho aanycTMTb ra6/iMHHbiPi 
npoueccop Excel, aarpyaMTb b hbm hboOxoam- 
MbiPi AOKyMeHT, orpeAaKTMpoBarb ero m aareM 
coxpaHMTb. CMcreMa caMa onpeAenner, ecrb m 
y no/ibaoBarenn paapemeHMe na oTKpbiTMe (JraPi- 
na, M B TOM cnynae, ecnn ero ner, ona BWAaer 
cooSiAeHMe 06 oiuMOxe Aociyna (pMC. 1). 

llJii<|>poBaHiie 
<t>aiiiiOB M nanoK 

flnn ujM(|)poBaHMfl MH(|)opMaL(MM yxawMre ne- 
obxoAMMbie (|)aPin vim nanxy, BbiaoBMre koh- » 
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Phc. 4. Okho Bbi6opa paspemeHHii 
Ha AOCTynHbie AeiicTBHfi c pecypcoM 


» TeKCTHOe M6HIO M B H6M Bbl6epHTe KOMaHfly 

«Properties». B okh6 cbomctb na BKJiaflKe 
«General» Ha>KMMaeM KHonKy «Advanced». 

B noBBMBmeMCfl okh 6 «Advanced Attributes*, 
oTMeuaeM nyuKT «Encrypt content to secure 
data* («LLlM4)poBaTb cofleprnuMoe pna aaipuTbi 
flauMbix*) (puc. 2) M HawuMaew KHonKy«0K». 
riocne noATBeprKAeumi Buecenubix usMeue- 
HMM B CBOMCTBa <^3v\m \/\m nanKM nojiBnfieTCJi 
OKHO Bbibopa pe>KMMa mn4)poBaHmi. B cnyuae 
ujMtJrpoBaHmi oTAenbHoro (^ama AOCiynHw 
pewHMbi «Encrypt the file and the parent 
folder* («LLlM4)poBaTb (|)aMA m poAMieAbCKyio 
nanxy*) m «Encryptthe file only* («LLlM4)po- 
B3Tb TonbKo c()aMn»). B CAynae ujM4)poBaHMA 
nanKM mowho Bbihpaib pewuMw «AppLy chan- 
ges to this folder* («TonbKO k 3tom nauKe*) 
MAM «Apply changes to this folder, subfolder 
and files* («K 3 tom nanKe m Bcew BAo>KeHHbiM 
nauKaM m cfraMAaM*) (pMC. 3). 

HeohxoAMMo CKaaaib, hto noAbaoBareAAM 
(b hoAbiueM creneHM 3 to othocmtca k bamm- 
HMCTpaTopaw) He ctomt lUMcfipoBaTb le c()aMAbi, 


CkicieMa Information 

Ctomt OTAeAbHO paccKasaTb eu^e o6 oahom 
T exHOAorMM 6e3onacHOCTM, KOTopan He hb- 
AAeTCH MHTerpMpOBaHHOM B OC Windows 
Server 2003, ho ee bo3mo>khoctm bxoaat 
B paMKM AaHHOM CTaTbM. 3T3 TeXHOAOCMH 
HOCMT Ha3BaHMe Information Rights Mana- 
gement (IRM), M OHa BnepBbie peaAMSOBa- 
Ha B Microsoft Office 2003 m cny>K6ax Win- 
dows SharePoinL TexHOAorMH IRM no3BO- 
AAeT pacnpeAeAHTb m orpaHMHMBaTb b ao- 
KyMeHTaX tpyHKpMM KOnMpOBaHMH, BCTaBKM, 
nenaTM, a aah sneKTpoHHbix coo6meHMM 
M OTnpaBKM. Ho CaMOM MHTepeCHOM HBAHeT- 
CA B03M0>KH0CTb pasrpaHMHeHMA AOCTyna 
K OTAeAbHbIM HaCTAM OAHOCO AOKyMOHTa. 

To eCTb npM COBMeCTHOM paOOTe HeCKOAb- 



KOTOpbie HaXOAATCA B CMCTBMHOM KATaAore, 
TAK KaK OHM MOryT 6blTb HeohxOAMMbI AAA 3a- 
rpysKM cMCTewbi, b npopecce KOTopoM asiam- 
4)pOBaHMe HeB03M0)KH0, M B peByAbTATe 3TOrO 
CMCTewa MoweT noTepATb pa6oTocnoco6- 
HOCTb. OC npenflTCTByeT B03HMKH0BeHMK5 Ta- 
KOM CMTyaAMM M He n03B0AfleT lAMCfipOBaTb 
4)aMAbi, MMeioiAMe arpnGyr «CMCTeMHbiM». 

B OTAMHMM OT Windows 2000 Server, w2k3 
paapemaeT opraHM30BbiBaTb coBnecTHbiM ao- 
CTyn K aaiAMtJrpoBaHHbiM 4)aMAaM, KOTopwe 
HaxoAATCA Ha ohiAMx ceTeBbix pecypcax. flAA 
coBASHMA TaKoro AOCTyna hboOxoammo chobb 
nepeMTM k oKHy «Advanced Attributes* m 
b Hew HarKBTb KHonxy «Details». Hoabmtca 
HOBoe OKHO, M, HawaB B HeM KHonKy «Add», 
MO)KHO nepeMTM k OKHy AohaBAeHMA noAbso- 
BaTeneM, KOTopwe cworyT pahoTaTb c aaiuMcJ)- 
pOBBHHblM (JjaMAOM. 

OTKAIOHeHMe llJM(|)pOBaHMA (|)aMAOB M ABnOK, 
TBKtKe npoMCxoAMT B oKHe «Advanced Attribu- 
tes*, B KOTOpOM HeobxOAMMO c6p0CMTb c()Aa>KOK 
c nyHKTa «Encrypt content to secure data*. 


Rights Management 

KMX He/lOBeK C OAHMM AOKyiVieHTOM Ka>KAO- 
My M3 HMX MO>KHO yKasaib Te pasAejibi ao- 
KyMeHia, c KOTopbiMM OH CMO>KeT paSoiaib, 
M saKpbiTb AOCTyn k APyrMM. 3 to hosbo/imt 
H ecKO/ibKMM nojibsoBaie/if^M peAaKTMpo- 
Baib AOKyivieHTbi, C0Aep>KaLAMe KOH4>MAeH- 
UMa/ibHyio MHc]}opMai4Mio, ypoBeHb Aocryna 
K KOTOpOM y paS/lMHHbIX H/IOHOB KO/lJieKTM- 
Ba HeoAMHaKOB. TaK>Ke 3 to hosbo/imt MsSe- 
>KaTb koh4>/imktob npM o6"beAMHeHMM we- 
CKOJlbKMX HaCTOM, C03AaHHblX paSHbIMM aB- 
TOpaMM, B OAMHblM AOKyMeHT. ri/lKDC K 3T0My 
MO>KHO yCTaHOBMTb M CpOK >KM3HM AOKyMOH- 
Ta, no MCTeneHMM KOToporo oh npocTO ne- 
pecTaHOT OTKpbiBaibCfi. Bee CKaaaHHoe ot- 
HOCMTCfl M K HMCbMaM 3JieKTpOHHOM HOHTbl. 



Co3AaHMe 

areHTO BOCCTOHOBiieHiin 

CaMaA cepbesHBA oiamOkb, KOTopyio ponycKa- 
K)T npM paboTe c EES, — McnoAbayn Ha CBoew 
KOMAblOTepe CMCTeMy lAM^pOBAHMA paHHblX, 
noAb30BaTeAM 33TeM no kbkom-am6o npMHMHe 
nepeycTanaBAMBaroT OC. flocAe 3 tom onepa- 
AMM Bce TBKMe AaHHbie bypyr 6e3B03BpaTH0 
yTepAHbi, TBK K3K AOCTyn K HMM B npepbiAy- 
ipeM OC, Ha KOTopoM OHM M 6biAM BaiAMtJrpoBa- 
Hbi, MMeAM pea noAbaoBaTeAA — tot, kto npo- 
BeA onepariMK) ujM4)poBaHMfl, m areHT bocctb- 
HOBAeHMA. OlAMbKa 3aKAK)HaeTCA B TOM, HTO 
AAA peKOpMpOBaHMA ABHHblX HeobxOpMMO 
npeptABMTb CepTMCfiMKaTbl OpHOrO M3 3TMX 
noAbBOBaTeAeii, a aaa 3Toro mx HeobxopMMo 
bblAO BKCnOpTMpOBBTb M COXpBHMTb, HerO 
oneHb nacTo He peAaeTCA. 

flpoAepypa coapanMA arenTa bocctbhob- 
AeHMA pOAMHa BbinOAHATbCA HB KOMAbtOTepe, 

Ha KOTOpOM nABHMpyeTCA MCnOAbaOBBTb CM- 
CTeMy EES. Ha nepBOM 3Tane HeobxopMMo 
coapaTb cepTM(j)MKaT areHTa BoccTanoBAe- 
HMA. flAA 3TOrO BOMpMTe B CMCTBMy AOp yHBT- 
HOM aanMCbK) apMMHMCTpaTopa. B kombhahom 
CT poKe aanycTMTe KOMaepy cipher /R:mma- 
OaMAB (6ea paciiiMpeHMA). flocAe 3Toro no 
aanpocy CMCTeMu pBarKpbi BBepMTe napoAb, 

KOTOpblii HeobxOpMM pAA aaipMTbl AMHHOrO 
KAtona. BypeT coapano pea <^ama: opMH c 
paciAMpeHMeM .cer, copeprKaipMM toabko cre- 
HepMpOBaHHblM KAIOH, BTOpOM C paClAMpeHM- 
eM .pfx, copeprKaipMM noMMwo KAiona m cep- 
TM(J)MKaT areHTa BoccTanoBAenMA. PeKowen- 
pyeTCA coxpaHMTb MX Ha AMCKeTy mam hb akj- 
6o\a ApyroM HocMTeAb. 

flAA MMnopTB CepTMtJjMKBTa BOCCTBHOBAe- 
HMA HB APyroM KOMAbioTep HeoOxopMMo 3Bpe- 
rMCTpMpOBBTbCA H3 HeM KBK apMMHMCTpaTOp, 
aanycTMTb ocnacTKy «Certificates» m b nefi 
nepeMTM k yany «Certificates» b nanxe «Per- 
sonal*. B KOHTeKCTHOM mbhio M3 paapena «All 
Tasks* aanycKaeM nponecc mmaoptmpobbhma 
pfx-c()aMAa (pMC. 5). » 
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Pmc. 7. BnaAeneA nepeAaHHoro cepm- 
(|>HKaTa CTan areHTOM BoccTaHOBneHHn 


» Tenepb Heo 6 xoflHMo yKaaarb, hto s/iafle- 
;iei 4 flaHHoro ceprM(|)MKaTa jiB/ijieTCJi areHTow 
BoccraHOB/ieHMji mn(|)poBaHHbix flasHbix. 
aroro Hy>KHO npocJieAOBarb no nyrn «Start ^ 
Administrative Tools ^ Local Security Poli- 
cy*. B noflBMBmeMCJi oKne «Local Security 
Settings* Bnyipn ya/ia «Public Key Policy* or- 
KpbiBaen nanxy «Encrypting File System* n b 
KonreKCTHOM Memo aanycKaew Kowanfly «Add 
Data Recovery Agent...* (pnc. 6 ). HaHner 
Bbino/iHSTbCJi wacrep Add Recovery Agent 
Wizard. HarKarneM na Knonxy «Browse Fol- 
ders* yxaabiBaeM pacnojiorKenne panee co- 
aflannoro 4)aii;ia c pacmnpenneM .cer. Flocne 
aroro ceprnrfrnKar 6 yAer ycnemno MMnoprn- 
poBan na AannsiM KOMUbiorep, a ero B/iaAeneu 
no/iynnr craryc arenra BoccranoB/ieHnji. 3ro 
yKaaano b cro/i 6 i 4 e «Intended Purposes* — 
ronbKO Hro MMnoprnpoBaHHbiM ceprnrJjMKar 
odoanaHen KaK«File Recovery* (pnc. 7). 

EesonacHOCTb 
ceresbix npMHTepoB 

He Menee BarKHWM jiBnaercB odecneHenne 
Aon>KHoro ypoBHji deaonacHocrn npnnrepoB, 
BbiAeneHHbix Arm odmero ncnonbaoBannfl. 
HenpaBM/ibHoe pacnpeAenenne ypoBHji ao- 
cryna k hum MewAy nonbaoBarenriMM cern 
Morxer npnBecrn k BecbMa nenpnarnbiM no- 
cneACTBrmM, Hammafi or do/ibiuoro ypoBHJi 



Pmc. 8 . OnpeAeneHMe (|>yHKAiiM, Aocryn- 
Hbix Ann nonbsoBaTenn rpynnbi 


Mcno/ibaoBani/m pacxoAHwx warepna/iOB ao 
deaBoaBparnoii norepn AOxyMenroB. 

ManaHa/ibHo Bce coaAannbie cereBwe 
npnnrepbi Aocrynnbi Arm ncnonbaoBani/m 
BceMM KnnenraMM noKanbHoii cern. flrm pac- 
npeAeneni/m ypoBHji Aocryna k npnnrepy ne- 
odxoAMMO dbiTb BTO BnaASribAeM nnn nwerb 
cooraercrByioiAee paapemenne. 

ynpaBnenne couckom (JrynKLiMii, Koropue 
dyAyr onpeAenenw Arm roro nnn nnoro nonb- 
aoBarenji nnn nx rpynnw, npoBOAnrcn b okhb 
cBoiicrB Ka>KAoro npnnrepa na BxnaAKe 
«Security» (pnc. 8). CnncoK Aocrynnux asm- 
cTsm, Koropbie mowho Haanannrb nonbaoBa- 
rermM, npnaeAen b radn. 1. Fcnn na aroii 
BKnaAKe Hawarb Knonxy «Advanced», orxpo- 
ercfl OKHO AononnnrenbHbix nacrpoeK deao- 
nacHocTM, B KoropoM, nepewAfl ko BxnaAKe 
«0wner» (pnc. 9), BnaAeneri npnnrepa Mower 
nepeAarb cbom npaaa ApyrnM nonbaoBarenriM 
cern, c coorBercTByioiAMM AenernpoBanneM 
paapemennn na npoBeAenne paannnnbix Aeii- 
crBnii, Aocrynnbix Arm BnaAsnbAa aroro 
cereBoro npnnrepa. 

Manananbnbie ycranoBKn Windows Server 
2003 BbiAaior paapemenns «Manage Printers* 
M «Manage Documents* ronbxo reM nonbaoBa- 
rermM, Koropue BXOAnr b rpynnw «Admini- 
strators*, «Print Operators* n «Server Opera- 
tors*. Bce ocranbUbie nonbaoBarenn nMeior 



paapemenne «Print», ro ecrb MoryrynpaBrmrb 
nenarbio ronbKo codcrBennwx AoxyMenroB. 

AyAMT CMCTeMHOM 

6e3onacHOCTM 

flrm yBeriMHennfl ypoBns deaonacnocrn cn- 
creMbi raxwe cneAyer peryrmpno npocMa- 
rpnaarb wypnan codbirnii «Fvent Viewer* 
n ocodoe anuManne yAermrb ero paaAeny 
«Security», b KoropoM coAepwarcn aanncn, 
orodpawaioiAne pewuMw padorw Been cn- 
creMbi deaonacnocrn. 3ro noaBonnr aaMe- 
rnrb nonbirxn npoBeAennn necanxunonnpo- 
Bannbix Aencrenii, ocyiAeCTBnennji neaaropn- 
aoBannoro Aocryna n rax Aanee n npnnjirb 
neodxoAnMbie npeBenrnBnwe Mepw. 

SaKiiiOHeHMe 

Ha ceroAnnmnnn achb onepaAnonnan cnc- 
reMa Windows Server 2003 nenneren nando- 
nee aaiAniAennon cncreMon or Microsoft, 
npeAocraBrmioiAen ee nonbaoBarennM na- 
Aewnyio aaiAnry Aannbix. OAnaxo ne cronr 
aadbiBarb o roM, nro nenban noerponrb aa- 
lAniAennyio cncreMy, eenn ee nonbaoBarenn 
ne dyAyr codmoAarb aneMenrapnbix Mep de- 
aonacnocrn n cranyr, nanpnMep, aanncbi- 
Barb codcTBennwe naponn na dyMare, ao- 
crynnon Ann odiuero odoapennn. 

■ ■ ■ Mropb IlbDKOB 


Ta6/i. 1. CnMCOK paapeuieHHbix onepauMM npn pa6oTe c npMHTepoM 

c&yHKUkiM nenaTM, 

Paspemennn 

KOTOpbie MO>KHO BbinO/IH^Tb 

Print 

Manage Printers 

Manage Documents 

nenaiaTb AOKyMeHTbi 

• 

• 

• 

npHOCTaHaB/iMBaib, npoAO/imaib, nepesanycKaib 
M OTMeHflTb nenaib AOKyMeHia, 
npnHaA/ie>KaiAero no/ibsoBaie/iio 

• 

• 

• 

ycTaHaB/iMBaib coeAHHeHne c npMHiepoM 

• 

• 

• 

ynpaB;i5iTb ycraHOBKaiviM a^h Bcex aaAaHHPi nenaiM 

- 

• 

• 

npHOCTaHaB/iMBaib, nepesanycKaib 
M yAa/ifiTb Bce AOKyMeHTbi 

- 

• 

• 

BblAe/lRTb npUHTepbl B COBMeCTHOe MCno;ib30BaHMe 

- 

• 

- 

MSMeHfiTb CBoPicTBa npMHTepa 

- 

• 

- 

yAa/iJiTb npMHTep 

- 

• 

- 

MSMeHfiTb paspeiueHHR npMHiepa 


• 

- 
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pacnpefle/ieHMe npae flociyna m noriHOMOHUM 


HtO AOSBOJieHO 



ripn yciaHOBKe Windows Server 2003 B03HHKaei Bonpoc o tom, KaKne npa 
Ba AO/DKHbi 6biTb npeAOCTaB/ieHbi no;ib30BaTe;iio n;in rpynne, KaKne Aeii- 
CTBHfi c oOteKiaMn c|3an;iOBon cncieMbi NTFS AO/DKHbi 6biib paapemenbi, 
BeAb He6o;ibiune cein ctpobtcb naiue Bcero na ocHoae paOonnx rpynn. 


CHIP SPECIAL N^ll 


r pynna — 3 to Ha6op yneTHbix sanMcew 
no/ibsoBaTe/ieii, nMeiomux oflunaKOBbie 
npasa m paapemeHuji. Mabh rpynnbi 
MMeer npasa, npeflocraBJieHHbie rpynne. 
ripn Ao6aB/ieHMM habhob b rpynnw Heo6xo- 
flMMo yHMTbiBarb CABAyioiMee: 

► ciaHOBjicb HA6HOM rpynnbi, noAbaoBaienb 
noAyHaei Bce npaBa m paapemeHmi, npeflo- 
ciaBAeHHbie rpynne; 

► noAbaoBarejib Moxei BxoAMTb b HecKo/ibKo 
rpynn (rpynna npeAcraBAsieT co6om Bcero 
nrnub CHMCOK habhob). 

B rpynne Moryr 6birb cosAanw rpynnw 6o/iee 
HMSKoro ypoBHB, HanpuMep, b rpynne, cootbbt- 
CTBytoiAePi OTABAy, Moryr 6wTb coBAanw rpynnw, 
cooTBercTBytoiAne 6iopo. Kpowe roro, hbkoto- 
pwe no/ib30BaTenn Moryr pa6oraTb toabko na 
KaKMx-To onpeAeneHHwx KOMnbioTepax. TaKUM 
o6pa30M, nonb30BaTBAn Moryr o6beAHHBTbcji 
B rpynnw no (JjyHKAHOHanbHOMy m reorpa(J)MHe- 
CKOwy npM3HaKaw, to ecib Moryr coBAaBaTbcn 
KaK pa6oHne, rax m noKanbHwe rpynnw. 

SanucfiMM 0 aoKa/ibHwx rpynnax ynpaann- 
er SAM (Security Accounts Manager, AHcner- 
nep yneTHbix aannceu 6e3onacHocTu), koto- 
pwM npeAciaBAfieT co6om noKa/ibnyio 6aay 
AauHwx CMcreMw 6e3onacHocTu. AoKanbHwe 
rpynnw ncno/ib3yioTCJi A^a npeAocTaBneHua 
paapemeHMM ua Aociyn k pecypcaM n npeAO- 
CTaBneHMJi npae na BbinonHenne cmctbmhwx 
3aAan tojibko ua tom KOMnbioTepe, ua koto- 
poM C03AaHa Aannaa rpynna. B OTnnnue ot pa- 


6ohmx rpynn noxanbubie ne mo- 
ryT 6biTb HnenaMM Apyrnx rpynn. 

Ana C03AaHna noKanbHon rpyn- 
nw hbo6xoammo 6wTb nnenoM «Adm1n1- 
strators» («AAMMHMCTpaTopw») nan 
«Account Operators* («0nepaTopw ynera*). 

KpoMB Toro, Windows Server 2003 npu 
MHCTannaAMM no yMonHanmo co3AaeT ne- 
CKonbKO rpynn c npeAonpeAeneHHWMU npa- 
B3MM ua BbinonueHue cmctbmhwx bbabh 
H a noKanbHOM xoMnbiOTepe. VAanuTb 3tm 
sapanee cosAannwe rpynnw HeB03M0>KH0 
HMKaKMMM cnocoOaMM. 


TaKTMKO II CTpaTemn 

rionbaoBaTenb, wenaioiAMM nonyuMTb ao- 
CTyn K pecypcaM, AOn>KeH MMeTb yneTHyio 
3anMCb Ha AannoM xoMnbiOTepe. Ecnu ne- 
CKonbKMM nonb30BaTenaM TpeOyerca MMBTb 
AocTyn K OAHMM m tbm >Ke pecypcaM, cne- 
AyeT co3A3Tb rpynny Ana npeAOCTaBne- 
HMa npaB, a sareM AoOaBMTb b nee nonb- 
30BaTeneii. 3 tot cnoco6 MSBecTen noA 
Ha3BaHMBM cTpaTerMM ALP, KOTopaa saxmo- 
HaeTca b cneAyiou^eM: 

► A (Account) — AoOaBMTb nonbsoBaTena b 

► L (Local Group) — noxanbuyio rpynny ua 
TOM KOMnbiOTepe, Ha KOTopoM pacnonaraeTca 
sanpaiuMBaeMwii pecypc; 

► P (Permission) — npeAocTaBMTb 
paapemeHMa mam npaea noKanbHOM 
rpynne. 


ynpaBJieHne flOciynoM 


K oeteKTaM 


59 



fpynnbi, aBTOMaTHHecKH cosAaeae- 
Mbie Windows Server 2003 


» Ec;im npaea Moryr SbiTb npeflocTas/ienbi ny- 
T6M floSaBjieHMfl no/ib30BaTe;ifl bo BcrpoeHMyio 
rpynny, to c/ieAyer nocrynuTb MweHHO tbk. 

KqK COXpaHMTb CexpeTbl 

®aM/ioBaB cMCTewa NTFS nosBo/iBer HaAe;iBTb 
no;ib30BaTe/ieM pa3/iMHHbiMn npaBawn m yn- 
paBJijiTb ypoBHew Aocryna k pecypcaw, a raK- 
we ujMcJjpoBaTb (Jjaiijibi na amckc. 

PaapemeHMBMM HaAe/iBioTCfi no/ibaoBare/ib 
M rpynna, KOTopbiM Heo6xoAHM Aocryn k pe- 
cypcy. PaapemeHMJi Ae^CTByiOT HeaaBucuMo 
oTToro, ocymecTB/iBeTCB Aocryn k pecypcy 
Ha A3HH0M KOMHblOTepe V\m no C6TM. 

Ta6n 1114a 

ynpoBneHun AOcrynoM 

NTFS xpaHMT Ta6;iMLiy ACL (Access Control List, 
Ta6nnna ynpaBneHnn AOCTynow), b KOTopoM 
onpeAe/ineTCB ypoBenb Aocryna nonbaoBaie- 
na, rpynnbi m Kownbiorepa k (jraMnaw m nanKaM 
NTFS-pa3Aena. flna Aocryna no/ibaoBarenB 
K pecypcy b ja6nv\u,e ACL AO/DKHa coAepwaib- 
CB 3anncb ACE (Access Control Entry, 3anncb 
ynpaB/ieHMB AocTynow), onwcbiBaioiAaB paa- 
pemeHHbie AewcTBHB. 

OTKoppeKTi/ipoBaib ACL m ACE mo>kho npw 
noMoiAM KOHCOBM 6e3onacHocTM — «Start 
Administrative Tools ^ Local Security Policy*. 

ripn MHCTan/iBLiMM Windows Server 2003 
aBTowaTHHecKM HaAe/meT rpynny «Users» 



paapemeHMeM to/ibko Ha HienMe, npw 3 tom 
rpynna 6yAer MMeib AOcryn Ha HTenwe Bcex 
nanoK m (jjawBOB, coaAaHHWx b Kopne. 

PaspeuieHiin NTFS b CMCTeiuie 
Windows Server 2003 

Ho yMOBHaHMio no/ibaoBare/iM, nonyHMBUJMe 
paapemeHMB na Aocryn k nanxe, nonynaioT 
AocTyn k BBo>KeHHbiM nanKBM m (JrawBaM. 

Ecbm paapemeHMB na Aocryn nweiOT m nonb- 
aoBare/ib m rpynna, HnenoM Koropoii oh bb- 
BBercB, TorAa raKOM noBbaoBarenb no/iynaeT 
HecKo/ibKo paapemeHMM na Aocryn k oAHOMy 
M Towy we pecypcy. 

06i>eAiiHeHHe paspeuieHMii 

flewcTByioiAMe abb noBbaoBaieBB paspemeHMB 
Ha AocTyn k pecypcy no/iynaioTCB oOteAWHe- 
HMew paapemeHMM NTFS, npeAocraBBeHHwx 
noBbaoBaieBK) m rpynne, HBeHow KoiopoM 
OH BBBBercB. HanpMwep, ec/iM noBbaoBaieBb 
Mweer paapemeHMe Read na Aocryn k nanxe 
M BBBBeTCB HBeHOM rpynnbi, MweioiAeM paape- 
meHMe Write Ha ly we nanxy, TorAa laKOM 
noBbaoBaieBb noBynaei paapemenMB Read 
M Write Ha ary nanxy. 

OaHA BawHee nanKu 

PaapemeHMB na Aocryn k 4)aMBaM MMeioT npM- 
opMTer HaA paapemeHMBMM na Aociyn k nan- 
Kaw. HanpMMep, noBbaoBareBb c paapemeHM- 



eM Modify na (JraMB wowei bhochtb M3Mene- 
HMB B 3TOT (|)aMB ASWe B TOM CByHae, eCBM 
MMeeTTOBbKo paapemeHMe Read Ha nanxy, 
coAepwaiAyio ashhum (jraMB. 

SanpeT — raaBHoe paspeuieHne 

flBB noBbaoBaTe/iB AOCTyn k xoHKpeTHOMy 
(fiaM/iy MBM nanxe mowho aanpeTMTb, aaABB 
paapemeHMe Deny (otkbohmtb). Ecbm no/ibao- 
BaTe/110 xax H/ieHy rpynnbi paapemen AocTyn 
K cfraMBy mbm k nanxe, to aanpeT oTMeHBeT Bce 
paHee npeAocTaBBeHHwe paapemeHMB. 

Fpynnbi m pecypcw HywHo opraHMaoBWBaTb 
TaxMM oOpaaoM, htoOw abb ynpaBBeHMB ao- 
cTynoM 6bmo aoctatohmo paapemeHMM. 

flpeAOTBpaiMeHiie 

HacneAOBaHiin 

rioyMo.nHaHmo paapemeHHJi, Koiopbie npe- 
flocTaB.neHb[ poflnie/ibCKOM nanKe, Hac/ieAy- 
K)TCfl B.no}KeHHbiMM naHKaMM M (JjaPi/iaMM, 

TO ecTb nepeHocflTCfl Ha hmx. 

HTo6bi npeflOTBpaiHTb Hac.neAOBaHMe paa- 
pemeHMM, coxpaHHie To.nbKo re H3 hmx, koto- 
pbie 6bi.nM npeAocraB.neHbi ABHbiM o6pa30M. 

Ta B.no>KeHHafl nanKa, p,n^\ KOTopoM npe- 
AOTBpaiAaeicfl nac/ieAOBaHMe paapemeHMM 
OT cooTBeicTByioLAeM poAHTe.nbCKOM nanKM, 
CTaHOBMTCfl HOBOM pOAMTe.nbCKOM naOKOM M 

B.no>KeHHbie b HeM nanxM m 4)aM.nbi Hac/ieAy- 
K)T npeAociaB/ieHHbie a^^i Hee paapemeHMB. » 


Ta6ii. 1. CTaHflapTHbie paapeiueHMii ho AOcryn k nanKOM n <t>aiiiiaM NTFS 

PaspeuieHiin 

Ha flocTyn k nanae NTFS 

Ha Aocryn k (]>aMAaM NTFS 

Read (HTeHMe) 

npocMarpMBaTb (j)aMBbi m B/ioweHHbie nanKM b ashhom nanKe, 
a TaKwe aTpM6yrbi nanKM, mmb BAaAe/ibua m paspemeHMB 

HMTaTb (fjaMA M HpocMaTpMBaTb ero aTpM6yrbi, mmb BBa- 
Ae/ibua M paapemeHMB 

Write (aanMCb) 

COBAaBaTb HOBbie (})aMBbl M BAOWeHHbie nanKM, MBMeHBTb 
aTpMpyTbi nanKM, npocMaTpMBaTb mmb BAaAeAbua nanKM 
M paapemeHMB 

nepesanMCbiBaib coAep>Kmvioe (\>ama, MaivieHflTb ero 
arpMOyibi, npocMarpMsaTb mma B/iaAe/iboa (^a\hna m pas- 
pemeHMfi 

List Foider Contents 
(cnMCOK coAepwMMoro nanxM) 

npocMaTpMBaTb MMBHa (})aMB0 B B ashhom nanKe 
M BAOweHHbix B Hee nanoK 

- 

Read & Execute 
(HTeHMe M BbinOAHeHMe) 

BbinoAHBTb A6MCTBMB, BpeAycMOTpeHHbie paspemeHMeM Read 
M paapemeHMeM List Folder Contents 

sanycKaTb npn;io>KeHMyi m Bbino/iHyiTb AeMCTBMfi, npeA- 
ycMOTpeHHbie paspemeHMeM Read 

Modify (MSMeHeHMe) 

yAaABTb nanny m BbinoAHBTb asmctsmb, npeAycMOTpeHHbie 
paapemeHMBMM Write m Read & Execute 

Bbino/iHJiTb asmctbhr, npeAycMOTpeHHbie paspemeHHJiMM 
Write M Read & Execute 

Fuii Controi (noAHbiM AOCTyn) 

OCymeCTBBBTb BCe BOaMOWHbie AOMCTBMB 

OCymeCTB/lflTb BCe BOSMOmHbie ASMCTBHfi 
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» KonHpoBOHiie 
<t>aiiiiOB M nanoK 

ripn KonupoBaHMM yHacjieAOBaHHbix (jjaii/ioB 

M/1M nanoK paapemeHUji Ha Aocryn k hum 
Moryr MeHBTbca. flpM KonupoBaHMM b npeAe- 
;iax oAHoro NTFS-pa3Ae;ia m;im mbwav NTFS- 
pa3Ae;iaMM kohmji Hac/ieAyer paapemeHMs, 
npeAocraBJieHHbie tom nanxe, Koropan cra;ia 

AT1B CKOHMpOBaHHblX pOAMTe/IbCKOM. 

HTo6bl KOHMpOBaTb B pBMKBX OAHOTO NTFS- 
pa3Ae;ia m;im mbway NTFS-pa3Ae;iaMM, Heo6- 
xoAMMo Mweib paapemeHMe Read na mcxoa- 
Hyio nanxy m paapemeHMe Write Ha nanxy, 

B KOTopyio 6yAer npoM3BeA6Ho KonMpoBanMe. 



flepeMeiueHiie 
<|>aiiiiOB M nanoK 

ripM nepeMeiABHMM nanxM m^m <^ama b paMxax 
NTFS-pa3Ae;ia coxpaHsuoTCB mx nepBOHanaaib- 
Hbie paapemeHMfl. Flpn nepeMeiAeHMM mbmay 
NTFS- pa3Ae;iaMM naoKa m^m (J)aM;i nacneAyer 
paapemeHMfl pe/ieBOM nanxM. Hrodbi nepeMe- 
lAaib cjjaMnbi m nanxM, neodxoAMMo MMeib paa- 
pemeHMe Write Ha AeaieByra nanxy m paapeme- 
HMe Modify Ha MCxoAHyio nanxy m^m (J)aM/i. 
PaapemeHMe Modify TpeSyercji ab^i nepeweiAe- 
HMfl nanKM m;im t^ama, norowy hto npM nepe- 
MeiAeHMM nocne BbinonHeHMs KonMpoBaHMs 
McxoAHaji nanKa m^m (JjaiiB yAa/iJieTCfl. 



Mcnonb 30 BaHiie 
paspeiueHMM NTFS 

AAMMHMCTparopbi M noAbaoBareAM, MMeioiAMe 

paapemeHMe Full Control, BAaAeAbAw c()aMAOB 
M nanoK Moryi npeAocraBAflTb noAbaoBareAAM 
M rpynnaM paapemeHMfl Ha (JjaiiAbi m nanxM. 

BcerAa npeAocraBAflMTe paapemeHMfl 
B COOTBerCTBMM C peaAbHbIMM nOTpedHOCTfl- 
MM rpynn m noAbaoBareAeM. FlpeAociaBAeHMe 
paapemeHMM NTFS npoMaBOAMTcji b ambaoto- 
BOM oKHe «Properties» aba KOHxpeTHOM nanxM. 

flpM npeAocraBAeHMM mam MaMeneHMM paa- 
pemeHMM NTFS Ha (J)aMA mam nanxy mowho 
A odaBAflTb MAM yABAATb noAbaoBBTeAeM, rpyn- 
nw MAM xoMnbX)Tepbi c paapemeHMflMM hb ao- 
CTyn X HMM. 

Ha BXABAxe «Security» AMaAoroBoro oxhb 
«P roperties» aba cfiaMBa mam nanxM aaAaxJTCA 
napaMerpbi, npMBeAeHHbie b tb6a. 2. 

PexoMeHAyercA noaBOAMTb CMcreMe 
Windows Server 2003 nepenocMib paape- 
meHMA, npeAocraBAeHHbie aba poAMieBb- 
cxoM nanxM, Ha coAeprxaiAMeCA b hbm bao- 
rxeHHbie nanxM m ifiaMBbi. 

flAA npeAOTBpaiAeHMA HacAeAOBaHMA bao- 
rxeHHOM nanxoM mam i|)aMAOM paapemeHMM 
poAMTeAbcxoii nanxM HarxMMie xHonxy «Ad- 
vanced» na BXAaAxe «Security» oxna 
CBOMCTB nanxM. flocAe aroro cHMMMie (Jjab- 
)Kox «AUow inheritable permissions from 
parent to propagate to this object and all 
child objects. Include these with entries ex- » 


To6n. 2. Bo3imo}khoctm onpeAeJieHMn pa3peujeHMM ajih nonb30BaTen{i 

□apaMerp 

OnMcaHMe 

Name (mma) 

BbiOop noAbsoBareAfl mam rpynnbi, aba KOTopbix TpeSyercfl MSMeHMTb 
paspemeHMfl mam KOTopbie ipeSyeTCfl yAaAMTb M3 npMBeAeHHoro 
CHMCXa 

Permissions (paspemeHMs) 

Allow (paspemMTb) — npeAOCTaBMTb cooTBeTCTBymiAee paapemeHMe. 
Deny — sanpeTMTb cooTBeTCTBymiAMe AeMCTBMfl 

Add (AoSaBMTb) 

OTxpbiTb AMaAoroBoe OKHO nSelect User, Groups, or Computers* 
(«Bbi6op noAbsoBateAfl, rpynnbi mam KOMnbX)Tepa»), McnoAbsyeMoe 
AAfl Bbidopa noAbsoBareAeM mam rpynn, AodaBAseMbix b cbmcok 
N ame 

Remove (yAaAMTb) 

yAaAMTb BbiSpaHHyx) sanMCb noAbsoBateAfl mam rpynny 


Ta6n. 3. Bo3mo)khoctm oSiieKTOB no HacneflOBOHino paapeuieHMM 


BapnaHT OnncaHMe 

Copy KonnpoBaHMe yHac/ieAoeaHHbix paspemeHHM ot poAMie/ibCKOM nanKM 

A/151 B/io>KeHHbix nanoK m (|)aM;ioB m sanpeLneHMe Aa^bHeMLuero 
Hac/ieAOBaHMR paapemeHMM 

Remove yAa/ieHMe yHacneAOBaHHbix paapemeHMM Bno>KeHHbix nanoK m 

4>aM/ioB, coxpaHeHMe TO/ibKO rex paapemeHMM, KOTopbie 
npeAOCTaB/ifltOTCfl b abhom bma6 


Ta6ii. 4. Bo3MO)KHbie 3HaHeHMn cneitMOiibHbix pa3peujeHMM 

□apaivieTp 

OnMcaHMe 

Name (mms) 

onpeAeAfleTce mma noAbaoBareAe mam rpynnbi. flAe BbiSopa OAHoro M3 hmx 
H arxMMTe XHonxy "Change* 

Apply to (npMMeHflTb) 

onpeAeAfleTce ypoeeHb MepapxMM nanxM, Ha xoTopoM HacAeAyioTce stm 
cnepMaAbHbie paapemeHMe NTFS. SnaMeHMeM no yMOAHaHMX) eBAeeTce 
"This folder, subfolders and files* («flAe stom nanxM m BAorxeHHbix b Hee 
nanoK m (JiaiiAOB*) 

Permissions (paapemeHMe) 

HasBaHMR cnei4Ma;ibHbix paapemeHMM 

Apply these permissions to objects and/or containers within this container 
only (npMMeHflTb 3 tm paapemeHMe k o6t>eKTaM m KOHTeMHepaM toasko 
BH yrpM 3Toro KOHTeiiHepa) 

onpeAe/iseTCfl B03M0>KH0CTb Hac;ieflOBaHMfi B/iomeHHbiMM nannaMM m 
(J) aM;iaMM cneuMa/ibHbix paapemeHMM 
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» plidtly defined here» («nepeHocnTb nacne- 
flyewbie or poflnre/ibCKoro odteKia paapeiae- 
HMfl Ha 3TOT odbeKT M Bce BnoweHHbie odteK- 
Tbl. BKJlIOHMTb MX C flBHHblMM, BBHO OnpeAfi- 

neHHbiMM 3 Aecb») m BwdepMre oamh ms p,b\/x 
BapMaHTOB, OHMCaHHblX B Ta6n. 3. 

Cnei4ManbHbie paspeuieHiin 

CnepManbHbie paapemeHMs paiOT donee ujm- 
poKMe BoaMowHocTM npepocTaBneHHB npae 
Aocryna k pecypcaM. CraHAapTHbie paapeme- 
HMB NTFS npeACTaBnnioT co 6 om paa/iMHHwe 
coHeiaHMJi TpMHaApaTM cnepManbHbix paape- 
meHMM. HanpMMep, craHAapTHoe paapemeHMe 
Read paadMBaercn na cnepManbHwe paapeme- 
HMB Read Data (HieHMe AaHHwx), Read Attri- 
butes (HieHMe aipudyioB), Read Permissions 
(HieHMe paapemeHMM) m Read Extended Attri- 
butes (HieHMe Aono/iHMienbHbix aipMdyioB). 

PaapemeHMe Change Permissions (cweHa 
paapemeHMM) npeAociaB/mei nonbaoBaiemo 
BoaMowHocib MBMeHnib paapemeHMB p,m\ 
4)aM/ia MnM nanxM, a Take Ownership (cMena 
BnaAenbpa) — ciaib BnaAenbpeM (jraM/ioB 
M nanoK. PaapemeHMe Change Permissions 
odbiHHo Aaeicji ApyrMM aAMMHMCipaiopaw m 
nonbaoBaiennw Ann loro, Hiodw le. He o6na- 
Aan paapemeHMeM Full Control, Mwe/iM npaBo 
MaweHeHMn paapemeHMM na <^av\n vmvi nan- 
Ky. B aioM c/iynae aAWMHMcipaiop m/im nonb- 
aoBaienb He CMowei hm yAannib cfraM/i m^m 
nanKy, hm MaweHMib mx coAepwMMoe, oAHaKo 
CMowei npeAociaennib APyrMw paapemeHMn 
Ha aioi (jjaiin m^m nanxy. 

Hiodbi Aaib aAMMHMCipaiopaw BoaMow- 
Hocib Mawennib paapemeHMn, naAeriMie rpyn- 
ny «Administrators» paapemeHMew Change 
Permissions na ipedyeMbiM (jraMji m^m nanxy. 

PaapemeHMe Take Ownership noaBonnei 
nepeASBaib npaBo B/iaAeHMn oi opHoro nonb- 
aoBaienn ApyroMy m^m x rpynne. K cwene 
B/iaAenbL(a mn nanxM npMMeHnxricn 

cneAyxriAMe npaenna: 

► lexyipMM BnaAenen m^m nxrdoM no/ibao- 
Baiejib, MMexriAMM npaeo Aociyna Full 
Control, MO)xei HaAennib ciaHAapiHbm paa- 
pemeHMeM Full Control m^m cnepManbHbiM 
paapemeHMeM Take Ownership APyroro 
nonbaoBaienn m/im rpynny; 

► aAMMHMcipaiop MO)xei ciaib BnaAenbpeM 
nanxM m/im (fiaMna HeaaBMCMMo oi npepociaB- 
neHHbix paapemeHMM A-nn aioM nanxM m^m 
<^ama. EcnM aAMMHMCipaiop ciaHOBMicn ena- 
Ae/ibpeM, BnaAe/ibLieM ciaHOBMicn m rpynna 
«Administrators», nx/doM H/ien rpynnw 
«Administrators» Mo/xei MaMennib paapeme- 



HMn Ann aioro ^ama MnM nanxM m npeAo- 
ciaBnnib paapemeHMe Take Ownership. 

Hiodbi npepociaBMib nonbaoeaiennM MnM 
rpynnaM cnepManbHwe paapemeHMn, Heodxo- 
AMMo BbinonHMib cnepyx/ipMe AeiiciBMn. 

1. Fla BxnaAxe «Security» AManoroBoro 
oxHa «Properties» Ann (J/aMna MnM nanxM 
Ha/xaib xHonxy «Advanced». 

2. Fla BxnaAxe «Permissions» AManoroBoro 
oxHa «Advanced Security Settings* Bwdpaib 
loro nonbaoBaienn MnM rpynny, xoiopwM 
Hy/xHo npeAociaBMib cnepManbHbie paapeme- 
HMn NTFS, a aaieM Ha>xaib xHonxy «Edit». 

3. B AnanoroBOM oxHe (/Permissions 
Entry* Ann cf/aMna MnM nanxM aaAaib onMcan- 
Hbie B ladn. 4 napaMeipbi. 

OiMeiMM, Hio B donbmMHCiBe cnynaeB 
npeAociaBnnib cnepManbHbie paapemeHMn 
HeodxoAMMociM He BoaHMxaei. 


ripM npeAociaB/ieHMM paapemeHMM Ha ao- 
ciyn K pecypcaM NTFS /xenaienuHO yHMibi- 
Baib cneAyxJLi/Me peKOMeHAapMM. 

► FlpeAociaBnnib paapemeHMn rpynnaM, 
a He nonbaoBaiennM. Sio yMeHbmMi paa- 
Mep ACL M noBbicMi dbicipoAeMciBMe. 

► FpynnMpoBaib b nanxM npMno/xeHMM 
HaMdonee nacio McnonbayeMbie nporpaM- 
Mbi, B nanxM AaHHbix — odipMe (paFinbi 
AaHHbix, B AOMamHMe nanxM — cpaM/ibi 
nonbaoBaienn. flep/XMie AOMamHMe nanxM 
M nanxM AaHHbix na oiAenbHOM paaAene. 

► FlpeAociaBnnib nonbaoBaiennM npa- 
Ba, odecneHMBaraiAMe MMHMManbHO He- 
odxoAMMbiM ypoBeHb Aociyna. 

CoaAaBaib rpynnbi c ypoBHeM Aociy- 
na, ipedyxjLAMMcn H/ienaM rpynnbi, a aa- 
ieM npM HeodxoAMMOciM naAennib mx 
A ononHMienbHbiMM paapemeHMHMM. 



MMHMMyM paspeiueHiiM — 
MaKCMMyM 6e3onacHOCTM 

Ha cxaaaHHoro mwxho cAenaib Asa BbiBOAa. 
riepBbiM aaxnx/naeicn b iom, hio b nx/doM cny- 
nae Hy/xHo cipeMMibcn cbbcim HMcno nonbao- 
Baieneii m rpynn x MMHMMyMy. 3 io odnerHMi 
padoiy aAMMHMCipaiopa m, ecieciBeHHO, ynyn- 
mMi ynpaanneMocib ceiM. 

Bwboa BiopoM — npepociaBneHMe nonb- 
aoBaienx) MMHMManbHo HeodxopMMbix paape- 
meHMM M npaB odecneHMBaei MaxcMManbHo 
BoaMo/xHyx) deaonacHocib. 

FlaAeeMcn, noHMMaHMe loro, xaxMM odpa- 
aoM Mo/xHo aaxpbiib naaerixM Ann xaxepoB 
npM noMoiAM npaBMnbHoro McnonbaoBaHMn 
CMcieMbi paapemeHMM, noMo/xei BaM coaAaib 
AeMCiBMienbHo deaonacHyx) m HaAe/XHo 
(J/yHxpMOHMpyx/iAyx) ceib. 

■ ■ ■ A/iexcaHAp lyauxoB 


ripM npeAociaaneHMM paapemeHMM 
Ha nanxM npMno/xeHMPi naAennib rpynnbi 
«Users» M «Administratorsi> lonbxo paape- 
meHMeM Read & Execute. 3io noaBonMi 
npeAoiBpaiMib cmynaMHoe yAaneHMe mom 
noBpen/AeHMe ashhuix m npMno/xeHMM 
nonbaoBaiennMM MnM BMpycaMM. 

► ripM npeAociaaneHMM paapemeHMM 
Ha nanxM AaHHbix naAennib paapemeHMn- 
MM Read & Execute m Write rpynny i<Users», 
a paapemeHMeM Full Control — BnaAenb- 
14a. Sio Aaei nonbaoBaiennM BoaMorx- 
HOCIb HMiaib M MBMeHnib AOKyMeHIbl, 
coaAaHHbie APycMMM nonbaoBaiennMM, 

M HMiaib, MBMennib M yAannib tpaiinbi 
M nanKM, coaAaHHbie mmm caMMMM. 

► PaapemeHMe Deny McnonbaoBaib 
lonbKO B lex cnynanx, KorAa neodxoAMMO 
aanpeiMib Aociyn k pecypcy. 




XopoLuafi npaKTMKQ 


ripaBMJia, HanHcaHHbie xHSHbK) 
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KaK coxpaHMTb ko h c|} ii a e h u m a ;i b h o ct b MHc|)opMaAMM 


OcHOBHbiM apryweHTOM npoiUBHUKOB onepapnoHHoPi cucreMbi Windows 
BB/ifleiCB ee HeAOCTaTOHHaa 6e3onacHocib. FIocmotpum, Kanne ycn;iHB 
npn pa3pa6oTKe hobom cepBepHoii OC 6biAH npn;io>KeHbi cj^npMon 
Microsoft n kbk ohm noBAMji;iM Ha 6e3onacHOCTb. 


pn pa3pa6oTKe Windows Server 2003 
oco6oe BHMMaHMe yAe/innocb Bonpo- 
caM 6e3onacHocTM. C 3tom tohkm 3pe- 
HMfl OAHO M3 CaMbIX Ba>KHblX M3MeHeHMe B HO- 

BOM OC — 3TO M3MeHeHne HacipoeK cepBepa, 
npMHflTbix no yMO/iHaHMto. Tenepb no OKonna- 
HMM ycTanoBKM cepBep 6yAer Mweib onenb or- 
paHMHeHHbiii naOop (frynKUMM. flns roro 4 to6w 
aanycTMTb, nanpMwep, Be6-cepBep, npMAeTcn 
Aono/iHMTe/ibHO MHCTannMpoBBTb IIS (Internet 
Information Service), a aarew m nacrpaMBaTb 
ero. Bnponen, o6 btom mw yme roBopnnn, no- 
3TOMyA3BaMTe nepewAeM HenocpeACTBenno 
K nacrpoMKe OeaonacnocTM BCTpoennbix cep- 
BepoB, Tax K3K aneKTpoHHas nonra m pocryn 
K pecypcaM Be6- n FTP-cepeepoB no npMpope 
CBoeii jiBnjnoTCJi cawbiMM pacnpocTpaneHHbiMM 
naaeiiKaMM p,m enpycoB n xaKepoB. 

HTo6bi He ysnsHyTb 
B flayTHHe 

Mt 3K, Mbi pemnnn cpenaTb m3 namero CBewe- 
yCTaHOBnennoro Windows Server 2003 Be6- 
cepBep. riocne saBepmenMn nepBonana/ib- 


Hoii ero ycTanoBKM mbi nonymiM Be6-cepBep, 
odnapaioiAMM MMHMuanbHOM (JjynKAMOHa/ib- 
HocTbK), npM oOpaipeHMn oh CMorKei Bbipa- 
Baib TonbKo craiMHecKMe crpaHMHKM. HtoOw 
BK nioHMTb noTeHAManbHo onacHbie bo 3 mo>k- 
HocTM, raxMe, nanpMwep, KaK nopAeprKKa 
TexHo/iorMM SSI (Server Side Include, bk^k)- 
HeHMB Ha CTopoHe cepaepa) n ASP (Active 
Server Pages, aKTMBHwe cepeepHbie crpaHM- 

Abi), HeoOxoAMMO BpyHHyK) B npunorKeHMH 

IIS Manager namn nanKy «Web Service 
Extensions* («PacmMpeHMfi Be6-c;iy>K6bi»), 

B KOTopoM paapeiuMTb padory AononHMrenb- 
Hbix KownoHeHTOB Be6-cepBepa. 

HeodxoAMMo ydeAMTbCJi, mto y Kara/iora, 

B KOTOpOM HaXOAJlTCB ASP-CKpnnTbi, ecTb pa3- 
pemeHMe na sanycK 3 tmx CKpunroB. 3 to pa3- 
pemeHMe HacTpanBaeTca b cbomctb 3 x nanxM 
M3 KOHCO/1M ynpaBneHMfi IIS (IIS Manager). 
EcnM MbI XOTMM OCpaHMHMTb AOCTyO K Be6- 
cepBepy m/im k ero hbctm b cooTBeicTBMM 
c yneTHbiMM aanMcriMM nonbaoBaieneM m^m mx 
IP- appecaMM, to mw mowom 3 to cpenaTb b lex 
)Ke cBOMCTBax nanKM Ha BKBapKe «Security». 


Tenepb o BMpycax. Bupycbi McnojibayioT 
cneuMa/ibHbiM odpaaow ccjropMMpoBaHHwe 
URL (b TeKCT URL BK/iK)HaK)Tcji cneriMa/ibHbie 
CMMBOJibi, B coBOKynHocTM o6pa3yioiAMe 
CKpMni), KOTopwe no3BO/unoT no/iyHMTb yn- 
paB/ieHMe cepeepow m aacraBMTb ero Bwnon- 
HBTb KOMBHAbl 3nOyMblUJ/ieHHMKa. Hiodbi He 
AOnyCTMTb 3TOrO, HeodxOpMMO MCn0/1b30BaTb 

firewall c B03M0>KH0CTbK) (JjMnbipauMM URL 
m;im npMMeHjiTb AononHMTe/ibHwe cpepCTBa, 
MHTerpMpyioiAMecfi HenocpepcTBenHO b IIS. 
HanpMMep, y KonnaHMM Microsoft ecTb yTM/iM- 
Ta UrlScan, KOTopan nosBonneT dnoKupoBaib 
noAOspMTenbHbie aanpocw k Bed-cepaepy. 

Ha CTpa>Ke c(>aMiiOB 

ripn co3flaHHM FTP-cepBepa {v\, cootb6t- 
CTBeHHo, fl/ifl noc/ieAytomeM HacrpoMKn ero 
6e3onacHocTn) Heo6xoflMMo yKa3aTb Kara/ior 
«Home Directory)), k KOTopowy no.nb30BaTe.nM 
6yflyr Mweib Aocryn no npoTOKony FTP, a laK- 
me npaaa no.nb30Bare.neM Ha aaKaHMBaHMe 
M cKaHMBaHMe (J)aM.noB. FIommmo o6iamx npaa 
Ha 3anMCb m.bm meHMe, KOTopbie nacrpaMBa- 
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» toTCfl T3M we, Ha BK/iaAKe «Home Directory* 

B CBOMCTBax FTP-cepBepa, npaaa flocryna 
K KOHKpeTHOwy (jjafiny onpeAenniOTCJi NTFS- 
npaBaMM Ha noKa/ibHbiw Aociyn k (jraway. Or- 
paHMHHBaTb AOCTyn k cepaepy mowho m no 
IP-aApecaM, lax we, xax m b cnynae c aeS- 
cepaepoM. CooTBeTCTBytoman BKnaAxa nasbi- 
Baercfl «Directory Security*. 

EiAe oamh napaweip, na Koropbiii ctomt 
o6paTMTb BHHMaHWe, — 3T0 KOnMHeCTBO OA- 
HOBpeMeHHbix noAKnHDHeHMM K cepaepy (ftp 
site connection). 3to hmc/io ao;iwho onpeAe- 
nsTbCfi iiJMpMHOM Baiuero Kanana b MniepHe- 
re. Flo yMonnaHHK) oho cocraenneT 100 000, 

HO HeoOxOAMMO COKpaTMTb eCO Ha HeCKOnbKO 
nopjiAKOB. B npoTMBHOM c/iynae aam cepeep 
Mower nacTb weprBoii DoS- (Denial of Ser- 
vice, OTKaa B o6cnywMBaHMn) wnw DDoS- 
araKH (Distributed DoS, DoS-araxa, npon3- 


KoHTOpa HMlUeT 

Bee cepBMCbi, npeAocraBnneMbie onepapM- 
OHHOM CMcreMOM Windows Server 2003, 
MMetoT BOSMOWHOCTb BeAeHMH wypHana 
A/iH craTMCTHKM McnonbaoBaHMH pecypcoB 
M BblHBJieHMH MCTOHHMKOB B03M0>KHbiX 

araK na cepeep. FlanpMMep, ec/in Bauj 
Be6-cepBep cran oneHb MeA/ieHHO pa6o- 
raib M/iM coBcew «3aBHc», to MMeer CMWcn 
3amHHyTb b wypHan oOpameHMM k cepBe- 
py M ysHaib, Her riM raivi HeKoppeKTHUx 3a- 
npocoB. To we caMoe othochtch k FTP-, 
SMTP-, POP- M APyrHM cepBepaM. HeKoro- 
pbie cepeepbi HMeior cbom coOcTBeHHbm 
nor-ebaPin, epopMar n pacnonoweHMe koto- 
poro HaerpaHBaeren b CBoPicTBax AaHHoro 
cepBepa (Be6, FTP). flpyrMe sanMCbiBator 


BOAMMan oAHOBpeMeHHo c 6onbujoro Hwena 
KOMUblOrepOB). 

OAHaKO FTP-cepBep, axoAniAnii b coctbb 
IIS, OTBenaer ue bcbm norpedHOCTSM bamhhh- 
erparopoB. flnn rex, KOMy He XBaraer bo3- 
MOWHOcreii no naerpoMKe 6e3onacHOCTn 
BcrpoeHHoro FTP-cepaepa, mowho nopexo- 
MeHAOBaib nonynnpHbiM FTP-cepeep Serv-U 
KOMnaHMM RhinoSoft (www.serv-u.com). 

HaAe>KHbiM noHTanbOH 

FoBopn 0 saiAMie nonroBoro cepaepa, Heo6- 

XOAMMO BCnOMHMTb 0 TOM, HTO aBTOpM3a4MJl 

no npoTOKony POP3 Mower npoMCxoAMTb 
KaK B oObIHHOM, TBK M B 6e3onacHOM pewMMe 
c Mcnonb30BaHneM TexHonorwH SPA (Secure 
Password Authentication, beaonacHan ayreu- 
rrKpMKapmi naponn). Merop SPA nepepaer na- 
ponn or KnweHTa k cepeepy b aamMcfipoBaH- 


Heo6xoAMMyra MHCpopMaumo b oOlamm wyp- 
Han coObiTHM Windows, AocrynHwii p,ni\ 
npocMOTpa M3 npMnoweHMH «Event Viewer* 
(SMTP, POP). Flo yMO/lHaHMK) COOblTMH 
B nor-cpaPinbi raxMX cepsepoB, k3k Be6 
M FTP, nMmyrcH b reKCTOBOM bmao m He- 
npMroAHbi Ann Aera/ibHoro MayneHMS. 4to- 
6bi nonynaTb HamsAHyio KapTMHy m craTM- 
CTMKy, MMeer CMbicn HaerpoMTb aanMCfa co- 
OblTMM B 6a3y AaHHbIX M nOTOM C nOMOmbKJ 
cneuMa/ibHbix npMJioweHMM, nanpMMep, 
Crystai Report, erpoMTb ra6nML(bi m rpaepM- 
KM nocemeHMM cepaepa. Oro no3BonMT 
nonyHMTb npeAcraBneHMe o tom, hto npo- 
MCXOAMT Ha CepBepe, M 6blCrpO BblSBMTb 

araKy m^m npocro HenonaAKy b pa6ore. 


HOM BMAe, HTO n03BOnfleT MCKniOHMTb B03M0W- 

HocTb nepexBara. Oahako cnoco6 aBTopMsa- 
AMM Ha noHTOBOM cepBepe nannercji bamh- 
CTBeHHOii HaCTpOMKOM, KOTOpoii Bbl MOWBTe 
ynpaBnnTb. McnoAbaoBarb raxoM cepaep b xa- 
HecTBe noHTOBoro mowho amiub BHyrpM ne- 
doAbiuoM opraHM3aAMM. Ecam bw nAaHMpyere 
noAynaTb nonry H3 HHTepnera mam paaBopa- 
HMBarb noAHOAeHHyx) CMcreMy xopnopaTMB- 
HOM 3AeXTpOHHOM HOHTbl, TO 6e3 yCTaHOBXM 
Exchange-cepaepa saM He odoMTMCb. 

BMpycaiui — 6 oii! 

Ha ceroAHfliAHMM ASHb ecTb rpM ochobhwx cno- 
co6a aaiAMTbi or nonroBbix BMpycoB. PaccMOT- 
pMM MX B nopAAxe yaeAMHeHMA HaAewHOCTM. 

Tperbe Mecro aaHMMaer aHTMBMpycHoe 
nporpaMMHoe odecneneHMe, ycTaHOBAeHHoe 
Ha AoxaAbHOM xoMnbxrrepe xawAoro noAbao- 
BareAA m npoBepnxMAee Bce npMxoAniAMe 
UMCbMa. OneBMAHbiM HeAocTarxoM raxoro 
noAxoAa ABAAercn oTcyrcTBMe peHTpaAMao- 
BaHHoro ynpaBAeHMA aaiAMTOM. AHTMBMpyc- 
Hoe no Mower 6biTb OTXAxrneHO, 6aaa ashhux 
BM pycoB Mower ne odHOBAATbca, m, naxonep, 
noAbaoBareAb Mower npocro McnoAbaoBarb 
noHTOByx) nporpaMMy, b xoTopyx) aro aHTMBM- 
pycHoe no He MHrerpMpyercn. 

PemeHMeM 3 tmx npodAeM ABAAercA npo- 
Bepxa noHTbi HenocpeACTBenno na cepsepe. 

EcTb no, xoTopoe MHTerpMpyercA npAMO b 
noHTOBbiM cepaep, nanpMMep b Exchange, 

M Ha6AX)Aaer aa nonroBbiMM AipMxaMM noAb- 
aoBareABM. OcHOBHbiM HeAocrarxoM 3Toro 
cnocoba abaabtca neBoaMowHoerb o6hob- 
AeHMA noHTOBoro cepaepa 6ea OAHoapeMen- 
Horo odHOBAeHMA aHTMBMpycHoro no. HanpM- 
Mep, ecAM xoMnaHMA Microsoft Bbinycxaer 
HOBbiM Service Pack aaa Exchange-cepeepa, 

TO HeM3BecTHo, xax noBBAeT cebA aHTMBMpyc- » 


■ 

■ 




□ 

y>ieT npoMSOuieAUJero c cepeepoM 

■n 
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» Hoe no noc;ie o6HOB;ieHM5i cepsepa m 6 yflei 
m OHO pa6oT3Tb Boo6ipe. 

noaroMy onTHMa/ibHWM npeACiaB/ijieTCfl 
T3KOM CnOCo6, npM KOTOpOM aHTMBMpyC, yCTa- 
HOB/iBHHbiii Ha HporpaMMHOM M/iM annapaT- 
HOM firewall, caM cKaHMpyer noriyHaewyio 
noHTy. B 3T0M c/iynae mo>kho nopeKowenflo- 
Baib aanycTMTb Asa noHTOBWx cepsepa. Hep- 
Bbiii, BcnoMorare/ibHbm, 6yAei npMHMMaTb 
HHCbMa, nepeABBaib mx 6e3 MSMeneHHii aHTw- 
BHpycy M, B aaBMCMMocTM OT peaynbTaTOB pa- 
6 oTbi aHTMBMpyca, yAariBTb n;in nepepaBaib 
ocHOBHOMy. OcHOBHoii noHTOBbiii cepBep 6y- 
A6T B pesy/ibTare nonyHaib noHiy, yrxe npoBe- 
peHHyio Ha na;iMHne BHpycoB. CooTBercTBeH- 


lE^axe CTeHbi MMetor 

3/ieKTpoHHbie HHCbMa Ha nyTM ao aApecaia 
npoxoAHT Hepea Maccy noHTOBbix cepse- 
pOB. AAMMHHCTpaTOp Ka>KAOrO MX HMX MO- 
>KeT npM >Ke/iaHMM nponecTb coAep>KMMoe 
Bamero HMCbMa. Bonee Toro, cyiAecTByer 
B03M0>KH0CTb (pMHbTpOBaTb HOHTOBblM Tpa- 
CpMK M BbmaB/lMBaTb HMCbMa, coAep>KaLAMe 
aapanee onpeAeneHHbie coHeiaHMH cmmbo- 
HOB, KaK B CHy>Ke 6 Hbix HOHHX, TaK M B ca- 
mom Te/ie HMCbMa. flosTOMy cbom coo 6 me- 
HMB HeoSXOAMMO SaiAMLAaTb. B HOHTOBOM 
cepBepe b Windows Server 2003 HMKaKMX 
cpeACTB saiAMTbi McxoAHiAero ipacpMKa He 
npeAycMOTpeHO. 3a6oia o 6 stom ho>kmtch 
Ha HOHTOBOrO KTIMeHTa. ripM Heo 6 xOAMMOCTM 
COXpaHMTb HOCJiaHMe B TaMHe MO>KHO BOC- 
HOHbaOBaTbCH HpOrpaMMaMM LHMtppOBaHMH, 
HanpMMep, lUMpOKO MSBeCTHOM PGP M/IM >Ke 
nporpaMMaMM cieraHorpacpMM. B nepBOM 
cnynae BepoHTHOCTb Toro, hto cooSipeHMe 


HO M B JUAMK Ho;ib30BaTe.neM HonaAST nonra, 
y>Ke oHMiAeHHan or bcjikom aapaaw. 3 tot 
cnoco 6 BB/ifleTCB ne tojibko caMbm yAo 6 Hbm, 
HO M caMbiM 6e3onacHbiM. fla>Ke b c.nyHae bw- 
xoAa M3 CTpofl aHTMBMpycHoro no B pe3y.nbTa- 
Te BMpycHOM m;im xaxepcKOM aiaxM Bama hoh- 
TOBan CMcreMa ocTaHeicfl pa 6 oTocnoco 6 HOM 
no KpaMHe wepe pj\!\ o 6 MeHa noHToii BHyipn 
KOMnaHMM. 

Kok coMOMy 

He craTb cnaMepoM 

Eipe OAHMM 6eACTBM6M, MMeroiAMM OTHomeHMe 
K 3.neKTpoHHOM noHTe, jiBnjieTCfi cnaM, to ecib 
paccbinKa peK/ianHbix coo6iAeHMM no MHorxe- 


yiuM 

npoHTei TOHbKO aApecai, npaKTMHecKM paB- 
Ha eAMHMpe. Bo BTopoM bw CMorKeie 
CKpbITb He TOJlbKO COAep>KaHMe COOOlAeHMB, 
HO M CaM CpaKT HOCbl/lKM COOOlAeHMH. 

CepBMC Messenger, KOTopbiii HBHHeTCH npo- 
CTO KpacMBOM 060 H 0 HK 0 M HaA KOMaHAOM net 
send, BooSiAe SesaaiAMTeH. 3 to osHanaeT, 
HTO cooSiAeHMB, HocnaHHbie npM noMoipM 
Messenger, Moryr SbiTb c nerKOCTbto nonyne- 
Hbi nioSbiM noHbsoBaTeneM ceTM. HMKaKMX 
cpeACTB aaiAMTbi TeKCTa b Messenger He 
npeAycMOTpeno. Otchdao BbiBOAbi — 3 tmm 
cpeACTBOM nepeAaHM coodiAeHMM cneAyeT 
noHbaoBaTbCH tim 6 o b adconioTHO saiAMiAen- 
Hbix ceTHX, tim 6 o npeABapMTenbHO iiJMtppo- 
BaTb TeKCT, hm 6 o He nepeABBaTb Ba>KHbie co- 
oSiAeHMB npM homolam Messenger. Mo>kho 
AOCTMH b periM M OAHMM yAapoM — aanycTMTb 
cepBMC IPSEC, KOTopbiM B03bMeT Ha ce 6 n 
aaAany lOMCppoBaHMH TpacpMKa. 


CTBy aApecoB. HeKOTopwe cnaMepw MigyT 
B HHTepneTe HeaaipMiAeHHbie noHTOBwe cep- 
Bepa M Mcno.nb3yioT mx aaa mbccobom pac- 
cbmKM HMceM. HTo6bi He oKaaaTbcji b ne- 
npMBTHoii CMTyaAMM, y6eAMTecb, hto Bam 
noHTOBbiii cepBep ne mowot pa6oTaTb b xa- 
HecTBe Relay-cepaepa, to ecTb oh npMHMMaeT 
noHTy TOAbKO A-nn noAbaoBaTeAeii CBoero 
AOMena m OTnpaBAaeT noHTy Taxwe Tonbxo 
OT noAbaoBaTeAeii cBoero Aonena. He Bce 
noHTOBbie cepBepa mmbiot Taxyio ycTanoB- 
Ky no yMo.HHaHMio. 

Ecam )Ke Bbi oKarxeTecb rxepTBOM cnawe- 
poB, TO Bac MoryT noAWMAaTb abb xpynnbie 
HenpMJiTHOCTM. Bo-nepBbix, WAMTe ot Bamero 
npoBaMAepa chbt na Kpynnyio cywMy (ecAM 
Bbl AAaTMTe 33 TpacJjMK). Bo-BTOpbIX, y B3C MO- 
ryT B03HMKHyTb HeOpMATHOCTM C 33KOHOM, T3K 
K3K 6 opb 6 a CO cnaMepaMM b HacTOAipee Bpe- 
Mfl nepeXOAMT M3 o6a 3CTM TeXHMHeCKOM B 06 - 
AacTb lopMAMHecxyio. 

flOCTOpOHHMM 
BXOA BOcnpeiMeH! 

ripeAocTaBJieHi/ie yAaaeHHoro Aocryna a^^ co- 
TpyAHMKOB KOMnaHMM HOABepraeT Bamy ceib 
Aono/iHMTe/ibHOMy pMCKy. fl/iJi Toro HTo 6 bi no- 
nacTb B /lOKaabHyK) ceib MSHyipM, Hy>KHo He 
ToabKo yKaaaib /iotmh m napoab, ho m kbk mm- 
HMMyM npoMTM MMMO nyHKia oxpaHbi. B cjiy- 
Hae >Ke yAa/iennoro Aocjyna BaM npMAeTCJi 
AOBepBTb To/ibKo TBXHMKe M pporpaMMHOMy 
o 6 ecneHeHMK). 

flepcoHanbHasi 

MAeHTM<|>iiKauMn 

OaHOM M3 CaMbIX HaAe>KHblX JlBJlJieTCB CMCTe- 
Ma oAHopasoBbix napo/ieM. B raxoM cMcreMe 
Ka>KAbiM }Ke/iaK)iAMM no/iyHMib yAa/ieHHbiM 
Aociyn MMeer >KeT0HHMK c AncnaeeM, Ha ko- » 




HeAopa6oTKa b CMCTCMe aaiMMTbi 
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Internet Authentication Service nosBO/iner 6bicTpo m nerKO 
nonyMHTb HH(|>opiviai4mo o KawAOM nonbaoeaTene ceTM 



» TOpOM BbICBeHMBaeTCfl HeKOTOpoe HMC/IO, M 6 - 
Hfliomeecfl Hepea onpefle/ieHHbie npoMe>KyT- 
KM BpeweHM n no onpeAe/ieHHOMy a/iropm- 
My. rio TaKowy me a/iropwiMy MeHaraicfl 
HMc;ia Ha caMOM cepaepe, oTBenaioiAeM aa 
npeflocTaB/ieHMe AOCTyna. flpM aBTopi/iaaAMM 
Hepea yAa/ieHHbm Aociyn no/ibaoBaie/ib ao-h- 
meH BBecTM cbom PIN m aio hhc;io. Flapo/ib 
cociaB/ifleTCfl Ha 3 tmx AByx KOMnoHeHioB. 

OAHOBpeMeHHafl KownpoMeraAMfl PIN m 
yipaia no/ibaoBare/ieM CBoero meroHa, paay- 
Meercfi, wa/ioBepoATHbi. flame ec/ui a/ioyMbi- 
[u;ieHHMK, anafl saiu PIN, noAr;iflAHT An 4 )pbi 
Ha meroHe, to nepea napy MHHyr 3 tot na- 
po/ib yme yciapeer h Bocno/ibaoBaibCfl hm 
6yA6T He/ib3fl. 

SaiMHTO 

KopnopoTMBHbix pecypcoB 

BnpOHeM, MO)KHO OrpaHMHMTbCJI o6blHHOM as- 
TopnaapnePi c noMoipbio craHAapTHoro nMeHn 
noJibsoBaTBAJi M napo;iJi. Toro HTo6bi CAe- 
/laTb M3 Windows Server 2003 cepsep yAanen- 
Horo Aocryna, HeoOxoAMMO AoOaBMTb eny 
ponb, KOTopan tbk m HaabiBaeicB — cepaep 
yAaneHHoro Aocryna. 

ilocne ycraHOBKM 3 tom poAM cepeep cMorneT 
BbinOAHflTb CAeAyKMAMe OCHOBHbie 4)yHKUMM. 

► Co 3 AaBaTb VPN-cepBep A-nn noAKAiOHeHMB 
yAaneHHbix KAMeHTOB Hepe 3 HHTepHei. 

► npeAoCTaBABTb yAaneHHbiM Aocryn p,m\ 
noAKAioHeHMj) KAMeHTOB HO MOAewy. 

► OcymecTBABTb MapmpyTM3aL(MK) no ipe6o- 
BaHMK) (demand-dial connections). Ecam cep- 
Bep paOoTaer b KanecTBe MapmpyTMsaTopa m 
noAKAioHaeicA k npoBaiiAepy no MopeMy, 

TO noAAep>t<HBaTb coeAMneHMe ooctoahho ne 
odAsareAbHO, ocoOenno ecAM bw nAarMie 3a 
BpeMA noAKAioneHMA. Korpa KTO-HM6yAb M3 
noAb30BaieAeM pemMT, nanpMMep, noMMiaib 


hoboctm Ha caMTe mam oTocAarb nMCbMo, to 
cepBep noAyHMT aanpoc, TpeOyioiAMM noAyne- 
HMA AocTyna k BHemHMM pecypcaw, m can ao- 

3 BOHMTCA AO npoBaMAopa. Ho MCTeneHMM 
TaMM-ayTa b cAynae oTcyTCTBMA BHemHero 
Tpat|)MKa npoM 30 MAeT oTKAioneHMe MOAewa. 

► OcymeCTBAATb TpaHCAAHMK) aApocoB (NAT) 
M (})MAbTpaL(Mio Tpa(})MKa (firewall). 

► HacTpaMBaTb cepeep b xanecTBe Mapmpy- 
TM3aTopa. rioAAep>KMBaioTCA npoTOKOAW am- 
HawMHecKOM MapmpyTM3apMM RIP m OSPF. 
riocAe HacTpoMKM cepeepa ynpaeAeHMe m 
KOH(|)M rypai4MA ocymecTBAAioTCA Hepea koh- 
coAb Routing and Remote Access. AsTopMsa- 
u,m noAb30BaTeneM Ha cepeepe yAanennoro 
AOCTyna MorneT npoMcxoAMTb c McnoAbsoea- 
HMeM yneTHbix sanMcen caworo Windows 
Server 2003 m c McnoAbsoeaHMeM cnenMaAb- 
Horo npoTOKOAa RADIUS. 

3tOT npOTOKOA ABAAeTCfl npOTOKOAOM aB- 
TopM3ariMM, M cyipecTByKiT ero peaAMsapMM 
AAA Bcex M3BecTHbix nAaT(J)opM. Cepeep, na 
KOTopoM xpaHMTCA 6a3a noAbsoBaTeAeM, pa- 
OoTaioiAMM no 3Towy npoTOKOAy, HasbieaeTCA 
RADIUS-cepeepoM. Ero McnoAbsoeaHMe on- 
paBAaHHO B Tex CAynanx, KorAa b ceTM ecTb 
HeCKOAbKO cepeepoB AocTyna m neoOxoAMMO 
MMeTb eAMHyio neHTpaAM30BaHHyio Oaay 
noAbsoBaTeAeM. 

RADIUS-cepeep mo)kho ycTanoBMTb m na 
Windows Server 2003. OAHaKO no xaKMM-TO 
npMHMHan B Windows Server 2003 oh Hasbiea- 
eTCA Internet Authentication Service. VcTa- 
HOBKa ero npoMseoAMTCA nepes nepea koh- 
coAb Add or Remove Programs. 

RADIUS-cepeep MorxeT OKaaaTbCA oneHb 
noAesHbiM npM paaeepTbiBaHMM OecnpoBOA- 
Hbix ceTeii. HioOom nenoeeK c HoyTOyKOM 
MAM HaAaAOHHMKOM, B KOTOpOM yCTaHOBABHa 
KapTa paAMOAocTyna, MoweT nepexeaTMTb 


ryAAiomyK) b papMoceTM MH(|)opManMK), 

6am 3KO noAOMAA k Hen. flAA 6opb6bi c 3 tom 
npoOAeMoii McnoAbsyioTCA pasAMHHwe npo- 
TOKOAbl lAM(|)pOBaHMA Tpa(|)MKa, KOTOpbie AO" 
AaioT npopecc AOKOAMpoeaHMA eecbMa Tpy- 
AoeMKMM. OAHaKO 3Ta saAana abaaotca 
npoOAewoM tohok AOCTyna m ceTeeux 6ec- 
npoBOAHbix KapT M can Windows Server 
2003 TyT BpAA AM HeM-TO noMoweT. 

OAHaKO OecnpoBOAHbie ceTM toat b ce6e 
M ApyryK) onacHocTb. Ecam He McnoAbsyeTCA 
HMKaKOM MexaHM3M aBTopMsapMM AOCTyna 
K ceTM, TO AK)6 oM MeAaiOlAMM MOMOT CTBTb ee 
HacTbK) M McnoAb30BaTb ee pecypcbi, to ecTb 
noAyHMTb OecHAaTHbiM AOCTyn k HHTepneTy 
M K KOH(J)MAeHL(MaAbHbiM pecypcBM opraHM- 
aauMM. flAA npeAOTBpameHMA noAoOHWx 
cAynaeB 6biA paapaOoTan npoTOKOA 802. lx. 

Ha ceroAHAiAHMM ashb oh noAAep>t<HBaeTCA 
npaKTMHeCKM BCOMM KOWMyTaTOpaMM m tohko- 
MM paAMOAocTyna m peaAMaoean b Windows 
XP M Windows Server 2003. B CBOMCTBax ceTe- 
Boro noAKAK)HeHMA ecTb BKAaAKa «Authenti- 
cation», b KOTopoM mowho naCTpoMTb AocTyn 
K ceTM B TOM CAynae, ecAM aaa 3toto TpeOyeT- 
CA aBTopMaapMA 802. lx. 

CaM npoTOKOA paOoTaeT cAeAyKiiAMM o6- 
paaoM. ToHKa paAMOAocTyna noAynaeT aa- 
npoc OT HOBoro KAMeHTa Ha AOCTyn b ceTb 
M aanpaiAMBaeT ero napoAb. KAMeHTCKMM 
KOMHbioTep nocbiAaeT b otbot mma m napoAb 
yneTHOM aaoMCM. Ho yMOAHaHMio nocwAa- 
H3TCA MMA M napoAb yHOTHOM aaoMCM pa6o- 
Taiomero b AaHHWM momoht noAbaoeaTeAA. 
ToHKa paAMOAOCTyna, nonyHMB otbot, nepe- 
cbiAaeT ero Ha RADIUS-cepeep, KOTopwM 
npoBepAeT, ecTb am y Hero TaxaA aanMCb 
b cBoeii 6aae. Ecam RADIUS-cepeep abot 
A o6po, TO TOHKa AOCTyna paapeiuaeT Aan- 
HOMy KAMeHTy paOoTaTb b cotm. » 
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» SoAenbiBaeM lAeim 

Ho Mepe pocTa Hnc;ia KOunbioTepoB ynpaBJie- 
Hue ceTbK) cTaHOBMTCB BC6 6o/iee TpyfloeMKoii 
aaAaHBM. KawAOMy Kownbrorepy HaAo npn- 
CBOMTb IP-aApec, coo6iAHTb aApec m/iioaa no 
yMonHaHMio n DNS-cepaepa. flna roro HTo6bi 
M36aBMTb ce6ji OT 6eroTHM k KawAony kom- 
nbioTepy b cnyHae naMeneHna aApeca DNS- 
cepBepa, mowho paaAaBaib Bce arn nacipoM- 
KM peHTpaJinaoBaHHO, ncnojibayn A-na aioro 
cepBep DHCP. Plpn aarpyaxe onepapnoHHoii 
CMCTeMbi ona nbiraeica naiiTM b cern 3tot 
cepBep M, b cnyHae ycnexa, npocnr coo6iAHTb 
BCK) nHTepecyioiAyio ee MH(|)opMannio. 

Ho aBTopnaoBaTb DHCP-cepoep, k co>Ka- 
jieHMK), HeBoaMOMHO. Ecnn kto-to Bnyipn 
jioKanbHoii C6TM ycTanoBMT n aanycTWT cbom 
DHCP-cepBep, to KnnenjcKnM KOMObioTep 
MOWBT noayHMTb HenpaBunbHbiM IP-aApec 
CO BceMM BbiTeKaioiAMMM oTcioAa nocneA- 
CTBMBMM. Ecan BApyr bw o6Hapy>KMTe, hto 
KOMHbioTep nonyHMn kbkom-to crpaHHbiii 



lllM(|>poBaHMe Tpa(|>iiKa 


ripOHHTaJl 6yKBbl, HO 


OnepapnoHHan cucTeivia Windows Server 
2003 oOnaAaeT OoraibiM HaSopoM cpyHK- 
u,m BceB03MO>KHoro LiiMcppoBaHnn. B na- 
CTHOCTM, Bbl M0>KeTe LJJMtppOBaTb TpaCpMK 
Me>KAy ceTBMM n/in Me>KAy KOMnbKDTepaMM. 
HacTpoPiKa irjMtppoBaHnB ipacpnKa no npo- 
TOKony IPSEC b cpeAe cepBepoB Windows 
He BBnneTCB oneHb cno>KHOM SBAanen, 
noaioMy nocne HacipoMKH cepsepa cto- 
MT noAyMaib, Ana saipHTbi KaKOM Kaiero- 
pHH AaHHbix cneAyei npnno>KHTb Aonon- 
HMTejlbHbie yCH/lMB. 

HeKOTopbie cepaepbi, laKMe uaK noHTO- 
BblM MOM Be6-CepBep, HMeKDT COOCTBeH- 
Hbie MeXaHMBMbI LlJMCppOBaHMn TpaCpMKa. 


aApec, TO Ban npMAeTCfi McxaTb b BamePi ce- 
TM «neBbiM» DHCP-cepaep. 

KoMaHAa ipconfig /all noMoweT yanaTb 
aApec DHCP-cepaepa, c KOToporo KownbioTep 
nonyHaeT cbom HacTpoMKM. Ecnn cepaep bb- 
naeTCB nacTbio Active Directory, to aanycTnTb 
DHCP-cepBep ywe He nonyHMTca, oahbko mo>k- 
Ho ycTanoBMTb Windows Server 2003 b pewnMe 
Standalone n Aa/ibme AsnaTb mto xoTMTe. 

DNS-cepaep oTBenaeT aa npHBBaxy MMen 
KOMnbioTepoB K IP-aApecaM. Ecnn bw BBaAee- 
Te coOcTBeHHbiM AOMBHHbiM MMeHeM, TO aaoM- 
CM 0 KOMObioTepax B Bamew AOMene 6yAyT 
xpaHHTbCB Ha DNS-cepBepe, KOTopwii MorxeT 
pacnonaraTbCB nn6o y npoBaiiAepa, nn6o ne- 
nocpeACTBeHHo b BamePi BOKanbHoPi ceTw. Ec- 
n\A Bbl peiiJMTe ycTanoBMTb cbom coOcTBeHHwPi 
DNS-cepBep, to OyAbTe KpaPine ocToporxHbi m 
BHMMBTenbHbi opM ero HacTpoMKe. PeanMaapMB 
3TOTO cepBepa b Windows Server 2003 noA- 
Aep>KMBaeT AMHawMHecKoe oOnoBneHMe aanM- 
cePi. Oahbko ecBM bh He ysepeMbi, mto bbm 3to 


He noH$iJi CJ10B0 

flnn Be6-cepBepoB stot MexaHMBM nasbi- 
BaeTcn SSL (Secure Socket Layer). OAHaKO 
Ann ero nacTpoPiKM BaM npMAeTcn osnaKO- 
MMTbCB C TeXHOnOrnePi UMCppOBblX CepTMCpM- 
KaTOB, mto noTpeOyeT BHaMMTe/ibHbix ycM- 
nkiPi, TaK KaK TeMa STa AOCTaTOMHO cno>KHa 
M oOiseMHa. Ciocne SToro BaM npMAeTcn 
pasBopaMMBaTb cepBep BbiAaMM cepTM- 
(pMKaTOB tim6o Ha ease co6cTBeHHoro 
Windows Server 2003, nn6o sanasbiBaTb 
TaKoPi cepTMCpMKaT y APyrnx opraHMsauMPi, 
npeAocTaB/inioiAMX noAo6Hbie yc/iyrn, 
HanpMMep y KOMnaHMM VeriSign (www. 
verisign.com). BbiAannuPi cepTMCpMKaT Aon- 
>KeH nojibsoBaTbCB AOBepkieM ksk OTnpa- 



OTBeTCTBeHHOCTb 33 npMHnTMe peiue- 
HHH o xapaKTepe AMHaMHHecKoro o6- 
HOBaeHHn DNS-cepBepa ao>KMTCfl 
Ha aAMHHMCTpaTopa cbth 


Hy>KHO, TO nyMiue AaHHyio (|)yHKAMio otk/iio- 
MMTb. Ho AMHaMMMecKoe oOnoBneHMe HeoOxo- 
AMMo B cnyMae ycTaHOBKM Ha cepaepe koh- 
Tponnepa AOMena. ■ ■ ■ BaMecnaB JlymMHcxnvi 


BMTenn, tbk m nonyMaTenn coo6meHMn. 

Ha pbiHKe cymecTByeT mhoto npoAyKTOB, 
nosBonnioiAMX KOHTpo/iMpoBaTb BXOAniMMPi 
TpacpMK. 3 tm CMCTeMbi HasbiBaioTcn iDS 
(Intrusion Detection System, CMCTeMW 
o6Hapy>KeHMn BTop>KeHMn). TaKue CMCTeMbi 
noMMMO CTaHAapTHbix cpyHKiAMPi firewaii 
nosBonnioT KOHTponMpoBaTb TpacpMK Ha 
cooTBeTCTBMe CTaHAapTaM pasnMMHWx 
npoTOKonoB (HTTP, SMTP, FTP m APyrue), 

M ec/iM BCTpoeHHbie B onepauMOHHyio 
CMCTeMy cpeACTBa saipHTbi OKarKyrcn 
HeAOCTaTOMHbIMM, TO BCefAa MO>KHO no- 
CTpoMTb «ny/ieHenpo6MBaeMyio CTeny» 
BOKpyr BaiuePi cotm. 
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npottJM/iaKTMHecKne m cepsHCHbie pa6oibi 


68 3 KCn/iyATAUM^ 



Hrobbi cepsep 

6blJ1 3AODOB 


PeryjiflpHbie onepauMn HaAeKHa^i pa6oia Ka>KAoro cepaepa saBMcm Heio/ibKO OTTMnayciaHOB- 

/leHHoPi OC, HO TaKKe h ot ero nepnoAHMecKoro o6c;iy>KHBaHnyi. Bhhmb- 
HHe H pery;iyipHOCTb npM Bbino;iHeHMH onepapHPi pesepBHoro KonnpoBa- 
HHji, OTc;ie>KHBaHMji co6biTnPi cMcieMbi, AecjDparMeHTauMH h yciaHOBKM na- 
KOTOB o6HOB;ieHHH o6ecneMaT cia6n;ibHyio cjDyHKUHOHa/ibHOCTb cepaepa. 


H T 3 K, Bbl yCTaHOBM^M onepaL(MOHHyio 
CMcreMy m BbinoaHnan nacrpowKy sa- 
mero cepaepa. C aroro MOMeHia aA- 
MMHMCTpaTop o 6 ji 3 aH pery/iapHo oTcaewnBarb 
COCTOBHUe OCHOBHbIX KOMHOHeHTOB M Cay>K 6 

Windows. B doAbmnncTBe cayHaeB b btom no- 
Mower «Event V 1 ewer» («ripocMOTp co 6 biTHM»), 
AocTynHbiii b pasAene «Administrat 1 ve Tools» 
(«AAMMHMCTpnpoBaHMe»). 3 to npnaowenne co- 
CTOMT M 3 HeCKOAbKMX WypHaAOB, Hb 6 KOaMHe- 

CTBO 3aBMCMT OT (flyHKAMOHaabHbix poaeii, KO- 
Topbie BbinoAHfleT Bam cepaep (pMc. 1). 3awe- 
HareAbHOM ocodeHHocTbK) ocHacioK w2k3 ab- 

Aflercfl MX B03M0)KH0CTb OTo6pa>KaTb He TOAb- 
Ko AOKaAbHbie pecypcbi, ho pecypcbi Aiodoro 
Apyroro KownbiOTepa, padoTaiomero noA yn- 


paBABHMeM Windows Server 2003. HcnoAbsya 
KOHCOAb ynpaBAeHMA Microsoft (mmc.exe), 
MO)KHO HaCTpOMTb OToOpaWeHMe CoObITMM cpa- 
3y CO Bcex cepeepoB. B wypnaAax perMcipn- 
pyercA MHOwecTBO coObiTMii, npAMO mam koc- 
BBHHO BAMAKAAMX Ha paOoTy OnepaL(MOHHOM 
CMCieMbi. CAeAyei oOpaiAaib BHMManMe na mc- 
TOHHMK CoObITMA M erO MAeHTMC()MKaL(MOHHblM 

Howep (event ID), a raxrKe na ero tmh (npeAy- 
nperKAOHMe mam oiamOks). Ecam hto-to Bwsbi- 
Baery Bac noAospeHMe, BbinoAHMie anaAMs 
cooOiABHMA, nocMOTpMTe, KorAa oho craAO no- 
ABAATbCA, HO CBASaHO AM erO nOABABHMe C B3- 
mMMM A6MCTBMAMM AO HaCTpOMKe/M3MeHeHMK) 
CMCTBMbl MAM oOopyAOBAHMA. ECAM npMHMHa 
noABABHMA no-npe>KHeMy ocraercA a^^a aac » 
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peryjiJipHbie onepapMM 69 



Phc. 1. B >KypHa;ie «Event Viewer» perHcrpHpyeTcn MHome- 
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Phc. 2. Bbi6op HeoSxoAHMbix KOMnoHeHTOB, noA/ie>KaiAHX 
peryBnpHOMy pesepBHOMy KonHpoBaHHio 


» saraflKOM, caeAyer BbinoaHMib homck no ho- 
Mepy M MCTOHHMKy Co6blTMB B 6336 3HaHMM 
Microsoft, MaxoAfliAeiicB no aApecy 
http://support.m1crosoft.com/default.aspxfs- 
dd=fh;RU;KBH0WT0 (puc. 3) 

(nan cnepuaabubm pecypc http:// even- 
t1d.net/search.asp). Peryaapubm npocMorp 
wypHaaoB w2k3 no3Boam b3m BbiaBaarb no- 
TeHAuaabHbie npodaeMw sapauee. 

PesepsHoe KonupoBOHiie 

Ecau c )KypHaaaMM Bce b nopsAKe, to caeAyio- 
lAMM maroM ueodxoAUMo cocraBUTb naau pe- 
aepBHoro KonupoBaHua. B aaBucuMOCTU or po- 
aeii cepsepa ((jjafiaoBbiM cepeep, MapiapyiMaa- 
Top nan AOMeHHbm Kourpoaaep) naau AoameH 
6biTb y Ka>KAoro cbom. flpe>KAe Bcero ueo6xo- 
AMMo odecneuHTb pesepBupoBaHue KOMnoueu- 
TOB onepaAMOHHOM CMCTewbi, a ywe norow 
nporpaMMHbix (jraliaoB u Aanubix. OcHOBUbie 
KOMnoHeuTbi npeACTaBaeubi b «System State», 
oTo6pa>KaeMoii nporpawMoii apxMBapuu 
(ntbackup.exe) kbk oTAeabUbiii aaeweHT b cnu- 
CK6 Bbidopa (puc. 2). Hau6oaee npueMaeMbiM 
ABaaerca pesepBupoBaHue cocToauua cucre- 
Mbi, pasAeaoB «\Document and Settings®, 



«\Program Files®, «\W1ndows» u ctraiiaoB n3 
Kopna CMCTewHoro pasAeaa. OcraabHoe Aaa 
Windows, K3K npaBuao, ue Baaruo. B Windows 
Server 2003 ecTb Macrep aBapnuHoro Boccra- 
HOBaeuua cucreMbi, BbisbiBaewbrn H3 nporpaia- 
Mbl apXMBaAMM, KOTOpblii MOXCeT ynpOCTMTb 
BoccraHOBaeune cepaepa b cayaae c6oa. Oa- 
H3K0 OH o6aaAaer cyiAecTBeHHWM HeAocTar- 
KOM — Heab3a BbinoauaTb aBTOMaTnaecKoe co- 
3AaHne pesepBHoro HaOopa. AAMHHHCTparop 
AoaareH awHHo naxoAMibca aa KOHcoabto kom- 
nbiorepa. A xoieaocb 6w aBTOMaTM3npoBaTb 
npoAecc peaepBMpoBaHMa. Kax 3 to npaBwabHo 
cAeaaTb? PexoMeHAyerca BbinoanaTb raxyio 
nocaeAOBareabHocTb AeliCTBMM. 

► CnaaHi/ipyMTe, hto bw xotmto peaepBkipo- 
B3Tb, KorAa M KyAa OyAere coxpanaTb peaepa- 
Hbie Konm/i. 

► Heo6xoAMMbiMM npaaaMM Ha BbinoaneHMe 
peaepBHoro KonnpoBaHMa cMCTewHbix xaraao- 
roB o6aaAaK5T yaernbie aanwcM, aaaaioiAMeca 
aaenawM aoxaabHbix rpynn «Adm1n1strators® 

M «Backup Operators®. floaroMy caeAyer 
C03AaTb HOByio yaeTHyio sanwcb (nanpuMep 
«BackupUser®), ycTanoBMib cbomctbo «Pass- 
word never expires® («flapoab HWKorAa He 
MCTexaeT®) m BxaioHMTb ero b oAHy m 3 Bbime- 
nepeHMcaeHHbix rpynn. 

► SaperMCTpupyiiTecb na cepaepe or MMenw 
3Toro noab30Bareaa m aanycTme nporpawny 
apxMBauMM («Start Accessories ^ System 
Tools ^ Backup®). 

► BbiOepme peau/iM «Schedule» («Pacnnca- 
HMe®), npw 3TOM 6yA6T npeAaoareHo coxpa- 
HMTb B oTAeabHOM (jjaiiae nyiM kt 6 m komoo- 
HeHTaM, KOTopbie Bbi BbiOpaaM (no yMoana- 
HMK) 3TOT (jjaPia 6yA6T coxpanen b aoxaabHOM 


npo(|)Mae rexyiAero noabsoBarena). SaAaMie 
noHaTHoe Mwa Bameny pacnMcauMio, ayame 
Bcero 3TO CAeaaTb b ((jopnaTe HT0_KyflA, na- 
npMMep SystemStateToServerOl. 

► flocae 3Toro pacnMcauMe 6yAeT cosAano. 
VAoduee acero ynpaaaaTb mm ue aepea npo- 
rpaMMy apxMaanMM, a aepes «Scheduled Task® 
(«Ha3HaaeHHbie aaAauMa®) b «Control Panel®. 
3anycTMTe ero m yOeAMTecb, hto pesepenaa 
Konua C03AaH3. 

HecKoabKo peKOMeHAariMM no peaepBupo- 
BaHMKj. He co3AaBaMT6 HaaHaaeHHbie aaAa- 
HMa OT MM6HM aAMMHMCTpaTopa, Tax xax npM 
CMene mm napoaa aanaaHMpoBaHHoe aaAauMe 
nepecTaeT BbinoanaTbca, npaxTMaecxM HMxax 
Bac o6 3TOM He npeAynperxAaa. BbinoanaMTe 
cnapeHHoe peaepBMpoBanMe no C6 tm (ecan 
oTcyTCTByxTT aeHTOHHbie HaxoHMTeaM), to ecTb 
coxpanaMTe peaepenyx) xohmx) oahoto cepee- 
pa B o6iAyx) nanxy Apyroro. flpaBMabHO na- 
cTpoMTe cnMcxM AocTyna x TaxMM o 6 iamm nan- 
X3M — noaHbiM AOCTyn Aoarxen 6wTb npeAo- 
cTaaaen Toabxo noabaoBaaeax) «BackupUser®, 
a MX HTeHMe aAMMHMCTpaaopaM. OcaaabHbie 
noabaoBaaeaM He AoarxHbi MMeab Aocayn 
X 3TMM xaaaaoraM. 

ripo(t>iiJiaKTiiKa 

OcHOBHbie MOMeHTbi o6cay>XMBaHMa mw aa- 
apoHyaM. 0 ah 3 xo Aaa yeeaMHeHMa naAerxHo- 
CTM M npOM3BOAMTeabHOCTM CMCTeMbI H6o6- 
xoAMMo npoBOAMTb M HexoTopbie npocJjMaax- 
TMHecxMe paOoTbi. Ochobhom m 3 hmx aBaaea- 
ca Ae(|)parMeHTaAMa rxecaxMx ahcxob. 

Microsoft HaxoHep-To BxaxjHMaa b cocaaB 
OC xoMaHAy BbiaoBa AetfipaaMeHTaAMM (pa- 
Hee p,!\i\ npoBeAeHMa AecjrparMeHaaAMM cep- » 


CHIP 


SPECIAL 


N5 1 1 


70 3KCn/iyATAUkin npottJM/iaKTMHecKne m cepsHCHbie pa6oibi 




» Bepa Tpe6oBaaacb HenocpeACTBeHHaB pern- 
cTpapuji Ha K 0 HC 0 / 1 M cepaepa). fletJjparMeH- 
rapmo pasAejioB mo>kho aanycTMTb m6o m 
ocHacTKM «Computer Management* («Yn- 
paB/ieHne KOMnbiOTepoM») (pwc. 4), /im6o 
KOM aHAoii defrag.exe ns KowaHAHOM crpoKw 
(pMC. 5). Oco6eHHo noneaHo BbinonHJiTb pe- 
rynapHyK) Ae(fiparMeHTaL(mo paaAe/ioB a-ba 
(JjafijioBbix cepBepoB. Tax we xax m abb pe- 
aepBHoro KonnpoBaHMB, Heo6xoAHMO cocia- 
BMTb n/iaH Ae(|)parMeHTaAMM paaAenoB cep- 
Bepa M BbinoBHBTb ero no pacnncaHmo. flas 
aioro CBeAyer coaAaib KOMaHAHwii (j)aM/i 
c KowaHAOM defrag.exe m cooTBeicTByioiAM- 
MM KBioHaMM. SaieM HeodxoAMMo aaAaib ho- 
Boe HaaHaHeHHoe aaAaHwe, Koropoe m 6yAer 
aanycxaib lonbKo hto coaAaHHbiii (jjawB 
B ycTaHOBaeHHoe BpeMji. EcrecTBeMHo, 

HTO AetfiparMeHTaLiMK) cBeAyei Bbino/iHBTb 
B Hacbi HaMMeHbmeii HarpyaxM cepaepa. 



YCTaHOBKa o6HOBHeHI1M 

H, HanocBeAOK, Ha onepaAHOHHyio CMCTewy 
neodxoAMMo ycTanaBBHBaTb naxeTbi Mcnpaa- 
nenm, Koropwe Microsoft nepnoAHHecKM bw- 
nycKaer. flaxeTbi McnpaaBeHHii m aannaiKM 
AocrynHbi abb aarpyaxn c cawra http://win- 
dowsupdate.microsoft.com HanpBMyio. OAwa- 
Ko B OC npeAycMorpena BoaMowHocib aero- 
MaTMHecKoii aarpyaxw odnoBBeHHii. 3tot 
pewMM peaBMaoaaH CBywdoM «Automatic 
Updates* («ABTOMaTHHecKoe odnoBBenne*). 

Hiodbl BbinOBHMTb HaCTpOMKy 3T0M CBywdbl, 

HeodxoAMMO odBaAaTb npaaaM aAMHHHCrpa- 
Topa CMCTewbi. B naneBM ynpaaBenHB ne- 
o6xoammo BbidpaTb aBeweHT «System» n ne- 
peiiTM Ha aaK/iaAKy «Automatic Updates* 
(pMC. 6), a aarew ycranoBnTb nepeKBioHareBb 
B noBoweHkie «AutomaticalLy download the 
updates, and install them on the schedule 
that I specify* («ABTOMaTHHecKM aarpywarb 
o6HOBBeHHB M ycTanaBBHBaTb mx no pacnw- 
canmo, Koropoe 6yAer yxaaano*). Bbidepme 
BpeMB, B KOTopoe Bbi weBaeie ycTanaBBHBaTb 
odnoBBeHHB. CBywda aBTOMaTkinecKoro o6- 
HOBBeHHB 6yAeT aarpywaTb HeAOCTaraiAMe 
odnoBBeHHB b 4)ohobom pewHMe. flocBe aa- 
BepmeHMfl aarpyaxw CBywSa AOWAeTCB na- 
anaHeHHoro BpeweHM m ycTanoBHT odnoBBe- 
HMB, npw 3T0M BCe nOBbaOBBTeBM, nOAKBK)- 
HeHHbie K KOHCOBM, HOByHaT yBBAOMBeHMe 
0 roTOBHocTH ycTaHOBMTb 3aKaHaHHoe o6hob- 
Benwe. Ecbm noATBepwAenHB mbm oTxaaa ot 
ycTanoBKM ne nocBCAyeT b TeHenwe obth mm- 
HyT, TO cepaep caMocTOBTeBbHo ycTanoBHT 
odnoBBeHHB m nepeaarpyawT cepaep. Mow- 
Ho oTKaaaTbCB OT npoAOBweHMB ycTanoBKM 
B 3T0T paa M nepenecTM ee na CBeAyioigee 
HaananenHoe BpeMB. ByAbTe BHHMaTeBbHw — 


ecBM noAodHbiii pewMM padoTw ne npriroASH 
ABB Bamero cepeepa, cBeAyeT BwdpaTb Apy- 
rwe BapwaHTbi ycTanoBKH odnoBBeHHii. flo- 
MHMTe 0 TOM, HTO weBaTeBbHo MMeTb peaepB- 
nyio Konmo coctobhmb CMCTeMw, Tax xax b 
CB ynae oiuh6xm npw ycTanoaxe odnoBBenHB 
cepaep MorxeT cTaTb nepadoTocnocoSHbiM. 

BapwaHT c aBTOMaTWHecxoM aarpyaxoii 
odnoBBeHHM na HnTepneTa nenBox, ecBM y 
Bac OAMH cepaep, a hto ASBaTb, xorAa TaxMx 
cepBepoB HecxoBbxo? B 3tom cBynae mowho 
paaBepnyTb b cbth cBy>x6y Software Update 
Services (cBy>x6a ycTanoBXM odnoBBeHHM). 
flpM 3T0M TOBbxo OAMH cepBep 6yAeT noA- 
xBxrnaTbCB x cepeepy Windows Update m aa- 

XaHMBaTb odnOBBeHMB, OCTaBbHbie XOMnbX)- 
Tepbi CMoryT aa6npaTb 3tm odnoBBenHB 
no BOXaBbHOM CeTM. 3tOT AOnOBHMTeBbHblii 
xoMnoHeHT AocTynen abb aarpyaxM neno- 
cpeACTBeHHo c caiiTa Microsoft (http:// 
microsoft. com/windowsserver2003/ 
sus/default.mspx). flpHMepw nacTpofixM m 
padoTa c ashhom CByrxdoii bwxoabt aa paM- 
XM CTaTbM, ho BarxHo anaTb, hto TaxaB Boa- 
MorxHOCTb Bce )xe ecTb. 

SoKiiiOHeHMe 

ripaBMJibHo cn/iaHMpoBaHHoe v\ pery/iapHoe 
npoBefleHne paa/iMHHbix npocJ)M.naKTMHecKMx 
M cepBMCHbix pa6oT no3Bo.nMT npeAOTBpaTMTb 
6o;ibiuMHCTBo c6o6b He To/ibKo caMoro cepBe- 
pa, HO M ceTM B Ae/ioM. Kax npaBn;io, npoBe- 
Aenwe Bcex 3 thx AewcTBHM saHHMaer ropaaflo 
MeHbLue BpeMeHM, h6m fla>Ke oAHOKpaiHoe 
BoccTaHOB/ieHne pa6oTocnoco6HocTM oTKa- 
aaBLuero cepBepa, KoiopoMy aAMUHMCTparop 
He yA6.nfl;i AocTaroMHoro BHHwaHHfi. 

■ ■ ■ B/iaAMMMp E/iMceeB 
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KOHCo/ibHbie KOMaHflbi ynpaBJieHM?! 


CTapa$i Ao 6 pa 5 i 

KOHCOnb... 


MHTepc|}eMC k o m a h a h o ii crpoKH 






Pa6ora5i b Windows, MHTepcjienc KOTopoti 
OT BepCMM K BepCnH CTaHOBMTC51 Bce 
Ham^iAHee n yAodnee, mbi Macro aadbmaeM 

0 TOM, MTO CMCTOMOM MO>KHO ynpOB/lJlTb 
He To;ibKO M3 rpacjiMMecKOM cpeAW, 

HO M npM nOMOlAM KOHCO/lbHblX KOMOHA- 



H TaK, KOHCOHb KOMaHflHOVi CTpOKW 
npwcyTCTByeT bo bcbx Bepcviflx 
onepapwoHHbix cwcTeM Windows. 
PaHHvie Bepcvm OC noAAep>KviBaJivi pewviM 
MS-DOS nanpjiMyio, hto nosBOJiano Bbmon- 
HATb npOCTbie KOMBHAbl npHMO M 3 KOHCOHM. 

npeACTaBMTBAM )Ke ceMBMCTBa NT, TaxMe xan 
Windows 2000 mam Windows Server 2003, 
padoTatOT yrxe coBceM no ApyrMM npumiM- 
naM, OAHaxo MS-DOS b hmx Torxe noAAepwM- 
BaeTCK, HO nepes BMpTyanbHyto MauiMHy 
(NT Virtual DOS Machine, NTVDM), uto nos- 

BOAKeT KOHTpOAMpOBaTb M BAMMHMCTpMpO- 

BBTb CMCTeMHbie pecypcH npawo ms kohcoam 


KOMaHAHoro pe>KMMa. B KauecTBe MHTep- 
npeTBTopa xoMaHAHoro pewnwa BMCTynaeT 
nporpaMwa cmd.exe, aanycK KOTopoii ocy- 
uiecTBAfleTCA uepes mbhk) «Start Run». 
KpoMe Toro, Aun sanycxa kohcoam mowho 
BO cnoAbsOBaTbCfl sAeMenTOM mbhk) «Start 
^ All Programs Accessories 
Command Prompt*. 

SanycTMB kohcoab KOwaHAHoro perxMMa, 
noAbsOBaTeAb woweT ynpaBAATb pecypcaMM 
KAK AOKaAbHOM CMCTeMbI, TAK M peCypCAMM 
yAaAeHHOM MauiMHH. CyrAecTBytOT komahah, 
BbmOAHfllOIAMe MOHMTOpMHr CMCTOMbl M BH- 
ABAatouiMe KpMTMuecKMe MecTa b HacTpoii- » 
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» Kax cepeepa. OTjivt'ivieM pa6oTH vis KOMaHA- 
Hovi CTpoKM HBJiaeTCfl nojiHoe oTcyTCTBvte 
6oAbmnx M rpoMOBAKWx rpa(J)M'iecKvix yTvi- 
jiMT. IIporpaMMbi KOMaHAHoii cTpoKvt no3- 
BOAHiOT 6ojiee Tonxyio HacTpowKy b bwab 
napaMeTpoB-KJiiOHeii, yxasaHHbix cnpasa 
OT caMoii KowaHAbi. 

C noMOiAbto cnepviaAbHbix (J)avijiOB- 
CXpVtnTOB (Ha6opOB KOMBHA, BbinOAMtO- 
lAwxca nocABAOBaTeAbHO vuiw b sanporpaM- 
MVipOBAHHOM nOpjlAKe) aAMMHWCTpaTOp 
MO)KeT CBeCTM K MWHMMyWy BbinOIlHeHMe 
pyTMHHbix e>KeAHeBHbix onepaAMvi. CyiAe- 
CTByroiAvie coBpeMeHHbie yTWAMTbi woryT 
sanycKaTb Taxvie cxpunTbi c saASHHOvi ne- 
pVlOAVlHHOCTbK) 6e3 npVtCyTCTBWfl aAMMHM- 
CTpaTopa cwcTeMbi. 

Cam aAMMHMCTpaTOp MO>KeT BbinOAHJlTb 
KAK OAHHOHHbie KOMAHAbl, TBK M CnWCOK KO- 
MBHA, wcnoAb3ya cnepwaAbHbie ynpaBJiato- 
lAvie cviMBoabi (&, |). HanpviMep: 

KoMBHAa 1 & KoMBHAa 2 — CHaHaaa 6yA6T 

BbinonneHa Kombhab 1 w toabko 3aTew 

KoMBHAa 2; 

KoMBHAa 1 && Kombhab 2 — toabko no- 

CA6 ycnemHoro BbinoAHeHwa KoMBHAbi 1 

6yA6T 3anyA(eHa KowaHAa 2. 

CyniecTByeT B03M0>KH0CTb nepenanpaBviTb 
BbiBOAHMbivi HporpaMMovt HOTOK Hanpawyto 
B TeKCTOBbiw (J)awA AAa AaAbHeiimevi o6pa6oT- 
Kw. flaa 3Toro Heo6xoAviMO vtcnoAbsOBaib yn- 
paBAaiomviw cwMBOA «>» w viMa TexcTOBoro 
(J)aMAa. IIpviMep bhboab C0Aep>KaHwa TexyiAe- 
ro KaTBAora b TexcTOBbrn (J)aviA Report.txt 
npw noMOAiM KOMAHAbl dir npuBeAen hvoko: 

dir > Report.txt 


AAMviHwcTpaTop MoweT 3anycTviTb ne- 
CKOAbKO KOHHVi KOHCOAVl, BbI3BBB B KOMBHA- 
Hovi CTpoKe nporpaMMy cmd.exe. HcnoAb30- 
BBHvie BAOweHHoii kohcoam no3BOAaeT pa6o- 
T3Tb c nepeMeHHbiMM oxpyweHMa onepapwoH- 
Hovi cwcTeMbi 6e3 xaxvix-Avi6o nocaeACTBvivi 
AAH Bcevi CMCTeMbi B peAOM, Tax xax nocAe 3a- 
xpbiTwa BAOweHHOvi xoHCOAvi M3MeHeHna ne- 
peMeHHbix oxpywenvia ne coxpanaxjTca. flaa 
xoHTpoAa HBA 3TMM HpopeccoM WCnOAb3yX)TCa 
xoMBHAbi setlocal, endlocal m set. 

B coBpeMeHHbix onepapvtOHHbix cncTe- 
MBx cyipecTByeT mhowbctbo xombha m yTvi- 
AMT. SanOMHMTb TBXOe XOAMHeCTBO paSAVlH- 
Hbix nporpaMM, a tbm 6oAee mx napaMerpoB 


oaeHb CAO>xHO, nosTOMy oahmm m 3 cambix 
Ba>xHbix napaMerpoB aaa KawAOw nporpaM- 
Mbi ABAaeTca coHeTanwe chmboaob /?. Bh- 
noAHviB KOMBHAy c TaxMM napaMerpoM, 
noAb30BBTeAb HOAyHWT ncHepnbiBax)iAee 
coodipeHHe o npriMenenvivt yTMAWTBi vt cmh- 
TBxcHce ee napaMerpoB. 

OdpaTHTe BHHMBHHe, HTO Ha pwcyH- 
xe B AeBOM BepxHeM yray CAeAyxJrAeii 

CTpaHMpbl MCn0AB30BaH CAOrXHBTM CMHTBX- 

CMC. Tax, cpaay nocAe kombhabt shutdown 
/? nocAe cnepMaAbHoro paspeAMTeAa «|» 
MAOT xoManpa more, hto nosBOAaeT bwbo- 
AMTb MH(J)OpMapVlX) HB 3xpaH He peAVlXOM, 
a onpepeAeHHBTMvi noppuaMvi, yAodHHMvi 
AAH ABAbHevimero HTenwa. 

flAH TOrO HTodbl SaxpbITb XOHCOAb 
XOMaHAHOii CTpOKH, neodxOAHMO BbinOAHMTB 

xoMBHAy exit. 

KtO 3AGCb rnaSHblM? 

Ho CBOMM B03M0>KH0CTaM KOHCOAbHbie HpO- 
rpaMMbi AeAHTCH Ha: 

► xoMBHAbi ynpBBAeHMa onepapwoHHovi cw- 
CTeMOvi — 3TO Taxvie xoMBHAbi, xax shut- 
down HAM taskkill; 

► cereBbie xombhabi — net m ipconfig; 

► XOMBHAbl AAH MOHMTOpMHra CMCTeMbI — 

tasklist M systeminfo; 

► XOMBHAbl AAH nOAAep>XKM (JiaMAOBOM CMC- 
TeMbI — dir, mkdir, copy; 

► XOMBHAbl AAH o6CAy>KMBaHMH IXeCTXMX 
AMCXOB — defrag m diskpart; 

► XOMBHAbl aah noAAepiKXM cAywdbi xaTBAO- 
roB (Active Directories) — addrep m dsadd; 

► BcnoMoraTeABHbie xoMBHAbi, b 3 tot pa3- 
Aen bxoaht pasAMUHbie yTMAMTbi Ana co 3 ab- 
HMH cpenapMeB, nacTpoMXM npMHTepoB, pa- 
6 oth c nepeMeHHbiMM OKpyixeHMa m t. a- 

PaccMOTpMM TMnMHHbix npeACTaBMTepeM 
xaixAOM rpynnbi m hosboamm cede aptb ne- 
xoTopbie pexoMeHAapMHMM no McnoAbsoBa- 
HMX) BXAXI'ieHHblX B HMX XOMBHA. 



BbISOB KOMaHAbI Ha BbinOAHeHUe 
(anen/ieHT «Run» OTMeneH noACBeTKoii) 



KOMOHAbl MOHMTOpMHra 
M AMamOCTHKM 

flna BbiaBAeHMH nenonaAOK b annapaTHOM 
uacTM M npodneM c nporpaMMHBiM odecne- 
ueHMOM npeAHasHaHeHbi xombhabi MOHMTO- 
pMHra, TaxMe Kax systeminfo m tasklist. 3 tm 
yTMAMTbi BnepBbie noHBMAMCb TOAbxo B ooe- 
papMOHHOM cpeAe Windows Server 2003, no- 
3TOMy aAMMHMCTpaTopbi eipe ne b nonnoM 
Mepe opeHMAM iJiyHxpMOHaAbHbie bosmoikho- 
CTM 3TMX KOMaHA. Tax, HanpMMep, Tenepb ne 
HBAO sanesaTb b saxAaAxy «CBOMCTBa» mxoh- 
XM «Mom xoMnbX)Tep» — xoMaHAa systemin- 
fo HaneuBTaeT hb axpaHe xohcoam ochob- 
Hyx) MHcJiopMapMX) odo Bcex xoMnoHenTax 
CMCTOMbi c noAHOM pBcmMiJipoBKOM. Ilapa- 
MeTp /s BblBeAST MH(J)OpMapMX) 0 AXidOM 
yAaneHHOM xoMnbxiTepe. HanpMMep, aah 
B blHCHeHMH KOH(J)MrypapMM XOMObKlTepa 
TESTSERVER neodxoAMMO BbinoAHMTb cneny- 
xnpyx) xoMBHAy: 

systeminfo /s TESTSERVER 

A yTMAMTB tasklist noxaixeT npopeccbi, 
sanyipeHHbie na BameM xoMnbxiTepe. 

VTMAMTa tasklist nosBonaeT onpaiuMBaTb 
CMCTOMbi, coeAMHOHHbie B coTb. OapaMeTp /v 
AaeT B03M0)KH0CTb noAyuaTb noApodHbie am- 
CTMHFM c nonesHOM MmJiopMapMeM, b tom 
HM cne M od MMenax noAbaoBaTeneM, a napa- 
MeTp /m noxaabiBaeT npopeccbi, aarpyaMB- 
mne xoHxpeTHbiM dll-iJiaMA. flpyraa nonea- 
HBH yTMAMTB — openfiles — noaBonaeT no- 
nyHMTb MHiJlOpMapMK) odo BCeX OTXpblTBIX 
(JiaMAax AOXBAbHOM M yABAeHHOM onepapM- 
OHHOM CMCTeMbI. B npeiKHMx BepcMHx onepa- 
PMOHHblX CMCTeM WindOWS npMXOPMAOCb MC- 
noAbaoBaTb KOManpy oh.exe, b coBpeMen- 
HblX BepCMHX AOCTaTOHHO BbinOAHMTb B XO- 
MBHAHOM CTpOXe XOHCOAM XOMBHAy, XOTOpaH 
ycTaHaBAMBaeT peixMM mohmtopmhfb aah 
BC eX OTXpbITbIX (JiaMAOB CMCTeMbU » 
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Pe3y;ibTaT sbinonHeHHn onepauHH 
shutdown /? aecbivia MH<t>opiviaTMBeH 


» openfiles /local on 

nojibsOBaTejib nojiynviT wncJjopMapmo 060 
Bcex oTKpbiTbix (Jjavinax cvtcTewH, wcnojibsya 
KOMBHAy C npOCTbIM CMHTaKCMCOM: 

openfiles 

KoMBHAa openfiles c napaMeTpaww 
/query /v noxasHBaeT, Kaxvte noAbsoBBTejin 
sanycTvinvt npoAeccbi, OTKpbiBinvte (JiaviiibT. 

C noMOiAbK) Apyrvix napaMeTpoB-KJno'ievi 
Mo>KHO saABTb pasnvi'rHbm pe>KviM bbiboab 

MHlJ)OpMaAVlVt. 

KoMOHAbi ynpoBneHMq 
onepauMOHHoii CMCTeMoii 

Windows Server 2003 npeAOCTaBiuieT bamvi- 
HMCTpBTopaM HOBbie KOMBHAbi, KOTopbie no- 
MoratOT He TonbKo AviarHOCTwpoBaTb cncTe- 
My, HO VI ynpaBiiJiTb era. K tbkwm KONianAaM 
MO)KHO OTHecTH yTMAHTy shutdown. B xane- 
CTBe napaMeTpoB-KinoHevi 3T0vi yTMiiviTbr 
Mo>KHO HcnoAbsoBBTb CAeAyraiAwe: 

► /s — nojiHoe ruTaTHoe OTKjnoHeHvte 
cvtcTewbi; 

► /r — nepesarpysKa; 

► /p — BblKJHOHeHVte HHTaHwa; 

► /f — saBepureHMe padoTw aKTWBHHx 
npHnoKenwii; 

► /h — nepexoA b perxMM noHvuKeHHoro 
anepronoTpedAenvia; 

► /I — saBepureHMe ceanca 6es OTKarane- 
HMH KOMnbtOTepa. 

B BMAe cpeACTBB, perMCTpupyramero Bce 
uiTaTHbie BbTKJnoHeHMa KOMnbtOTepa, Bbicry- 
naeT odpadoTUMK coOhtmm uiTaTHbix bh- 
KJiiOHeHMM (Shutdown Event Tracker), koto- 
pbiM codupaeT m AuarHocTupyeT Bce otkaio- 
UeHMa, BbinOAHeHHbte aAMMHMCTpaTOpOM. 
Taxwe npeAycMOTpena BOSMotKHOCTb Bbixura- 
HaTb cMCTeMy c yxasaHMeM npMHMHbi, aua 
sToro neodxoAMMO McnoAbsOBBTb xurau /d. 

Kombhab taskkill, ananor xoMBHAbi kill 
B onepaAMOHHbix cMCTeMax ceMeviCTBa *nix, 
nosBOuneT «y6MTb» saBMcruee npMuotxeHMe. 


COBMeCTHO C XOMBHAOM tBSkllst STM yTMUMTbl 

npeACTaBuaraT co6oii MorpHoe cpeACTBO Aua 
onepaTMBHoro BMeuiaTeubCTBa b xoa Bbmou- 
HeHMu npMJiotxeHMM, npeACTBBUflrarAMx no- 
TeHAMBAbHyra yrposy auh npoMSBOAMTeub- 
HocTM cepBepa. Hs napaMBTpoB stom xombh- 
Abl HeOdxOAMMO OTMBTMTb XUtOH /pid, XOTO- 

pbiM nosBOuaeT saaepuraTb npopecc no ero 
yHMxaubHOMy MAeHTMtJmxaTopy, m xuraH 
/im — AUH saBepmeHMfl npMuotxeHMa 
c yxasBHHbiM MMBHeM. CueAyraiAMM npM- 
Mep nosBOAfleT saBepuiMTb npopeccbi 
c MABHTMiJmxaTopaMM 1000 m 1240: 

taskkill /pid 1000 /pid 1240 

KoMOHAbi Anq o6cny>KiiBaHiiq 
MCeCTKMX AMCKOB 

OnTMMMsapMX) txecTxoro Aucxa nosBOAfleT 
BbmoAHMTb xoMBHAB defrag. VTMAMTa yMeeT 
AeiJtparMeHTMpoBBTb amcxm c (JtaMAOBOvi cmc- 
TeMOM FAT, FAT32 m NTFS. Defrag oamhbxobo 
xopomo padoTaeT xax c AMHaMMuecxMM tm- 
noM AMCxa, Tax m c OasoBbiM. Cmhtbxcmc bh- 
30BB STOM xoMaHAbt CAeAyxnAMM: 

defrag amcx [ -a ] [ -f ] [ -v ] [ -? ] 

IlapaMeTp -a npeAycMBTpMBaeT toabko 
aHBAMS MH(|)opMaAMM HB Aucxe, napaMerp 
-f — OnTMMMSaAMX) MHtJtOpMBAMM, B TOM HMCAe 
M npM OTCyTCTBMM HBOOxOAMMOFO AUCXOBOrO 
npocTpancTBa aah cosAaHMa BpeMeHHwx (Jjavi- 
AOB, a napaMeTp -v — bbiboa OTueTa 0 xoAe 
onTMMMsapMM. He sadyAbTe, hto aab ycnem- 
HOM AetJtparMeHTBAMM amcx AOAtxen coAep- 
tXBTb xax MMHMMyM 15% CBOdoAHOPO MeCTB. 

Kombhab fdisk ytxe ne noAAeptxMBaeTca 
aApoM onepaAMOHHOM cMCTeMH Windows 
Server 2003. Ha cMeny eft npMurna xombhab 
diskpart, Taxrxe npeAHasHaueHnaa Ana o6- 
CAytxMBBHMa txecTXMx amcxob. PasdMTb amcx 
H a pasAeAbi, cosaatb norMuecxMe amcxm, 
yABAMTb MX — BOT AMUIb HeXOTOpbie SBABUM, 
peuiaeMbte SToft yTMAMToft. B ochobhom 
xombhab diskpart opMeHTMpoBBHa na pa6o- 
Ty CO cnepMaAbHbiMM (JtaftAaMM-CAeHapMHMM, 



B xoTopbix onMcaHbi npoueAypbi odcnytxMBa- 
HMH tXeCTXMX AMCXOB. BOT X3X BbimaAMT Bbl- 
30B 3Toft xoMaHAbi Ana (^taftna-CABHapMa 

Scriptl.txt: 

diskpart /s Scriptl.txt 

KarxAaa cipoxa laxoro (Jtaftna aanaeTca 
MHCTpyxAMeft Ana xaxoft-HMdyAb onepa- 
AMM. Tax, HanpMMep, abbt xoMaHAy Ana co- 
SABHMa HOBoro pasAena c onpeAeneHHHM 
pasMepoM cTpoxa 

create partition logical size=2048 

CereBbie KOMOHAbi 

CpeAM ceTeBbix xombha xoTenocb 6 h bhab- 

AMTb abb yTMAMTbl. HepBBa — 3T0 XOMBHAB 

ipconfig, BTopaa — netstat. CMCTBMHbie aA- 

MMHMCTpaTOpbl MCnOAbSyXtT STM XOMBHAbt HB 
TOAbxo Ana MOHMTopMHra cbtm, ho m Ana sa- 
lAMTH ot onacHbix nporpaMM, nbiTaraiAMx 
yCTBHOBMTb XOHTpOAb HBA CMCTeMOft. 

HpM noMOuiM yTMAMTH ipconflg nonbso- 
BBTeAb MOtxeT ysHBTb ceTBBOft BApec CBoero 
xoMHbraTepa, a BbiSBaB sTy xoMaHAy c napa- 
MBTpoM /all, noAyuMTb noAHyra MH())opMa- 
AMK) 0 xoH())MrypaAMM cbtm hb noxaubHOM 
xoMAbraTepe. HapaMBTp /renew nosBonaeT 
MSMBHMTb cBTeBbie HBCTpoftxM 6 b 3 nepesB- 
rpysxM Bceft CMCTeMbi b abaom. 

EcAM Bbt SaMeTMAM, HTO C BBIAMM XOM- 

nbXJTepoM npoMcxoAMT hto-to HenaAHoe, to 
B STOM cnyaae noMotxeT xoMaHAa netstat, 
xoTopaa He toabxo yxatxeT na OTxpbtTbie ce- 
TBBbie nopTbl, HO XOTOpbtM 3A0yMbmiAeHHM- 
XM MOTAM nOACOBAMHMTbCa X BaUieft CMCTe- 
Me, HO M MAeHTMtJtMAMpyeT npoAeccbi, sany- » 


KoMOHAa 

OnMCOHiie 

whoami 

BbIBOAMT MHCt)OpMai4MfO 0 flOMeHHOM MMeHM, MMeHM KOMnbfOTepa, HM6HM 
no;ib30BaTe;ifl, MMeHM rpynnbi, npMBM/ierMHX m no;iMTMKe fl/ia reKymero 
no;ib30BaTe;ifi 

ftp 

aanycKaei npouecc obMena AaHHbiMM no npoTOKOuy FTP 

nib 

n03B0/lReT np0M3B0flMTb MOHMTOpMHr CeieBblX COeAMHeHMM 

nibmgr 

npoMSBOAHT HacTponxy cucieMbi xnacTepoB Network Load 

Ta 6 n. 1 . CereBbie KOMaHAbi onepaAHOHHoii CMcreMbi Windows Server 2003 


CHIP 


SPECIAL 


1 1 
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Komohao 

OnMCOHMe 


copy 

KonnpyeT ((jaiinbi 


del 

yflanser oflMH kinki donee (}>aknoB 


dir 

BbiBOAMT CHHCOK (fjaHnoB M HOAAHpeKTopMpi B BbidpaHHOM xaTaAore 


find 

HipeT saAaHHym noACipoxy b (JiaMnax 


move 

nepeMeiAaer (fiaHAbi 


mkdlr 

co3AaeT Kaia/iorM 


rmdir 

nepemvieHOBbiBaeT m yfla/ifieT Kara/iorM 


tree 

BbiBOAMT HepapxMMecKoe AepeBO Bcex ({jaHAOB h noAAHpeKTopHH b 
B biSpaHHOM Karanore 


Ta6.n. 2 . Chhcok KOMaHA Abm noAAepJKKH pa6oTbi c (tJaiiJiaMH m AMpeKTopMniviM 
B onepaitHOHHOM CMcreivie Windows Server 2003 


» meHHbie Ha cepaepe 6e3 aamero BeAOwa. 
Tax, KntOH /o bhboamt wHcJjopMaAvito 
o6 MAeHTM(J)MKaTope npopecca (PID), wc- 
nonbsytoiAero to huh mhob ceTeBoe cobam- 

HBHVie. CyiABCTByBT B03M0>KH0CTb nOCMO- 
TpBTb, KaXWB KOMHbroTBpbl B CBTH B3aWMO- 
ABvicTBytOT c BaniBii AOKajibHoii onBpaAvt- 
OHHOVi CMCTBMOVi. IIpVlMBpHblVi CHWCOK 
Apyrwx nojiB3Hbix cbtbbmx KOwaHA npviBB- 
ABH B Ta6jl. 1. 

KoMOHAbi Ann noAAep>KKM 

cny>K6bi KOTanoroB 

BCH CBTb COCTOWT V13 KOMHOHBHTOB M npBA" 

CTaBJiBBT C060W cno)KHyio viBpapxHHBCKyio 
CTpyxTypy, nocTpoBHHyto b bmab AepBBa. 
06 bBKTaMM Taxovi chctbmh HBJiax)TCJi caiiTbi, 


HOM CTpOKM 

HaMAHTB B peecTpe kjixjh: 
[HKEY_LOCAL_MACHINE\SYSTEM\ 
CurrentControlSet\Control\Session\ 
ManagerXEnvironment] 

Co 3 AaMTB B 3 T 0 M KJix)He CTpoKOBbiM napa- 
MBTp «PROMPT» C TMnOM 
(REG_EXPAND_SZ) m npHCBOMie oaho H 3 
CBBAyXJLAMX 3 HaHeHMM: 

$B — BepTMKaabHaa Mepia «l»; 

► $D — TeKyipaH ASTa; 

► $G — 3 Hax SoBbLue «>»; 

► $L — 3 Hax MeHbiije «<»; 

$N — TeKyiAMM ahck; 

$P — TexyiAMH ahck m nyib; 

$Q — 3 H 3 K paBHO «=»; 

► $T — Texyipee bpbmb; 

► $V — BepcMB Windows; 

$$ — 3 Hax AOBBapa «$». 


n0Hb30BaTBJlW, XOHTaXTH, pa3ABAflBMbIB CB- 
TBBblB yCTpOMCTBa. 

flnK MOHMTopviHra Taxovi cno)XHOvi CTpyx- 
Typbi B onBpapHOHHOvi chctbmb npBAycMOT- 
pBHa xoMBHAa dsquBry, xoTopaa npBAHa3Ha- 
HBHa abb pacuivipBHHoro novicxa xomhohbh- 
TOB cny>x6bi xaTaJioroB. Tax>xB stom xoMan- 
AOii MO)XHO n0Ab30BaTbCB abb BbIBOAa HH- 
(JjopMaAwvt 0 cBoiicTBax Bbi6paHHbix xomho- 
HBHTOB (XAX)H -attr). IlapaMBTpbl -scopB, 
-subtrBB, -onBlBVBl, -basB onpBAeBaxiT ypo- 
BBHb BHO}XBHHOCTVl HOVlCXa, a XJ1X3H -filtBI 
n03B0BBBT 3aABViCTBOBaTb (JjWJlbTp Hovtcxa. 

KoMaHAa dsmod mowbt noMOHb b CBynaB 

HBOdxOAVlMOCTM MOAHlJ)VtXaAVlW OAHOVi WJIVI 
HBCXOBbXVtX yHBTHbIX BaHMCBM ABB BbldpBH- 
Horo xoMHOHBHTa CBy>x6bi xaTanoroB. Ha- 
npVlMBp, MO)XHO yAaBVlTb n0Bb30BaTBBB V13 


6oJ1bLUOM CHCreMbl 

riocjie nepeaarpysKM bbi yBMAme npMma- 
LUeHMB B OnpeABBeHHOM BBMM BMAB. 

ABTOHa6op KOMaHA 

flBH BKBX)HeHMH B 03 M 0 >XH 0 CTM aBTOHaSO- 
pa KOMaHA no Ha>xaTMX 3 K/iaBMiiJM «Tab», 
HaMAHTB B peecTpe kbxjh: 
[HKEY_CURRENT_USER XSoftware 
XMicrosoft XCommand Processor] 

SaieM ycTaHOBMie SHaneHMe napaMeipa 
CompletionChar paBHbiM 9 , hto cooTBei- 
CTByei MABHTMCpMKaTOpy KJiaBMLlJM «Tab», 
saxpoMTe peecTp m nepesarpysme kom- 
nbxriep. B oxHe kohcojim, Ha 6 npaH nacTb 
HM 6 HH KOMaHAbi, Bbi MO>xeTe Teoepb Ha- 
>xaTb KaaBMUjy «Tab», m Windows aBTOMaiM- 
HecKM noACTaBMT HeoSxoAHMyx) xoMaHAy. 
HsivieHeHMe uaera KOHCoaM 
HaPiAMTe b peecipe khxjh: 
[HKEY_CURRENT_USER\Software\Microsof 
tXCommand Processor] 


noACBTvi, cepBBpbi, xoMnbxrTepbi, rpynnbi. 


ToHKan HacTpoMKO kohcojim 


MajieHbKMe ceKpeibi 

klsMeHeHiie npHMauieHHn abh KOMaHA- 



rpynnbi vuiw HasHaHWTb BMy HOBbiii napoBb. 
IlpvtMep vtsMBHeHHH yHBTHoii sanvicw abb 
noBbsoBaTBAB iBStUsBi npviBBABH hvuxb: 

dsmod USB! 

"CN=TBStUsBr,CN=UsBrs,DC=bigtBx,DC=nBt 
" -pwd Uf@tfingBrBlt -mustchpwd yBS 

KoMBHAa dsmovB nBpBMBipaBT odbBXT 
B npBABBax TBxyiABro AOMBHa. IIpM homoiam 
xnxjHBM -HBwnamB m -nBwpaiBnt mo>xho 3a- 
AaBBTb HOBOB MMH odbBXTB M MBHKTb BTO MB- 
CTonoBorxBHWB. 

KOMOHAbl A^n nOAAepJKKM 
<t>aiiiiOBoii CMCTeiuibi 

OnvicaHHB HBXOTopbix HacTO ynoTpBdnnx)- 
lAMXCB XOMBHA ABB pabOTbl C (JjaHAaMM W AM- 

pBXTopwflMM npBACTaBABHo B Ta6B. 2. Ko- 
MaHAy dBltrBB, xoTopan BbinoBHfiAa xacxaA- 
HOB yAaBBHMB HaHOX W (JiaHAOB B HWX, 3BMB- 
HHBT TBHBpb rmdil C XBXJHOM /s. 

SoKiiiOHeHiie 

Hy, BOT VI BCB. Mbi paccxaaaavi o6 ocHOBax 
paboTbi c xoHCOBbX). flaBbinB npBAOCTaBAa- 
BM BBM B03M0)XH0CTb CaMMM MCCBBAOBaTb 

(JjyHxpviOHanbHocTb vi MHoroodpaaviB xoh- 
COBbHblX XOMaHA. TOAbXO HB 3a6bIBaHTB 3a- 
BBTHblvi XBX)H /?, a OCTaBbHOB HpVlABT CO 
BpBMBHBM W OHbTTOM. ■ ■ ■ AHflpeM OsepOB 


MsMeHMTe napaMeip DefaultColor. SHane- 
HMe -FO onpeABJiMT bbiboa HepHoro Texcia 
Ha 6enoM cpoHe, a snaHeHMe IE yAMBMT 
Bac >xe/iTO-CMHeM pacpBeiKOM kohcobm. 

EbicTpbiii aanycK kohcojim KoiviaHAHOM 
CTpOKM M3 KONTOKCTHOrO M6HIO 

FlaMAMTe b peecipe k^xth: 
[HKEY_CLASSES_ROOT XDirectory XShell] 
flodaBbie b Hero noApasAenbi 
«CommandPrompt Command». FlapaMei- 
py Defauit KJixjna Command npHCBOHie 
3HaneHMe «cmd.exe /k cd "%1"» 
riapaMeipy Default Knrana Command 
Prompt npMCBOMTe SHaneHMe «Open 
Command Prompt®. 

lUeaxHyB npaBofi KHonKOM mbilum na /ira- 
6 om nanxe b flpoBOAHMKe, mo>xho BbiSpaib 
KOMaHAy Open Command Prompt, KOTopaa 
SanyCTMT KOHCOJlb C KOMaHAHOM CTpOKOM 
B HyjXHOM AHpeKTOpMM. 


CHIP 


SPECIAL 
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Bo3MO)KHOCTb yfla/ieHHoro aAMUHucrpn- 
poBaHMfl rpYAHO nepeopeHurb tgm, KOMy 
Heo6xoAMMO ynpaB/ifiTb KOMnbiOTepaMM, 
cj)M3MMecKMM Aociyn K KOTopbiM orpaHM- 
HeH no KaKMM-nn6o 


O CHOBHoe HasHaHeHi/ie Terminal Services 
aaKjiKDHaeicfl b npeAocTaBjieHm/i bo3- 
Mo>KHocTM pa6oTaib c yAa/ieHHOM Ma- 
lUMHOM TaK }Ke, K3K M C JlOKa/lbHOW, TO eCTb OC- 
TaB/iflTb no;ib30BaTe;i5i b paMKax npi/iBbiHHoro 
A/ifl Hero nHTep4)eMca. Kpowe 3ioro ona no3- 
BO/lfler MHO>KeCTBy K/lHeHTOB COBMeCTHO MC- 
no;ib30BaTb pecypcbi oahofo moiahoto kom- 
nbiorepa, a TaK>Ke Bbino/iHAib Ha new aaAani/i, 
Aiifl KOTopbix /lOKa/ibHOMy KOMnbtoTepy ne xBa- 
Taer pecypcoB. CxeNia pa6oTbi Terminal 
Services (pMc. 1) TaKaa: npw noAK/iiOHeHMM 
KiiHenra na cepeepe cosAaercA ceccMA c BMp- 
Tya/ibHbiM AncnneeM, na Koropbm bbiboa^t 
MH 4)opMa4mo 3anycKaiOLAi/iecfi b btom ceccm/i 
nporpaMMbi, K/iMeHiy me nepeAaeicfl To/ibKO 
MH4)opMa4Mfl o6 M3MeHeHm/i n3o6pameHMfl 
Ha BMpiyanbHOM A^cnjiee. TaxMx ceccMH, ecre- 
CTBeHHo, Momer 6biTb mhoto. B w2k3 xpoMe 
nepeAaHM n3o6pa>KeHi/ifl raxme pea/inaoBanbi 
M B03M0}KH0CTM HOAK/llOHeHHfl K CeCCMM H3 Cep- 
Bepe A^CKOB, noc/ieAOBare/ibHbix nopioB, npuH- 


TepoB M nepeaApecapMM 3ByKa c cepeepa na ;io- 
Ka/ibHbm Kownbiorep. Mbi paccMorpHM npHMene- 
HMe Terminal Services A-ha yAa/iennoro ynpaBJie- 
Hm cepBepawM h pa6oHHMn craHAHAMM. 

HacTpoMKa cepsepa 

Remote Desktop for Administration — aro 
BapnaHT Terminal Services c Hewnoro orpann- 
HennoM (JryHKpnoHa/ibHocTbio (no3Bo/meTCB 
cosAanne naKcnwyM Asyx oAHOBpeneHHbix 
coeAMHeHMM M coKpaipenbi bo3mo}khoctm 
MHorono;ib30BaTe/ibCKoro Aocryna k npnno- 


>KeHMBM), 0AH3K0 MMeK)lAMXCB c()yHKHMM A-HJl 
aAMMHMCTpnpOBaHMB XBaTMT C nadblTKOM. 

AKTMBMpoBaTb Remote Desktop mowho c 
noMoipbio MHcrpyMeHTa System n3 Koniponb- 
HOM nanenn. A-ns 3Toro na BKnapKe «Remote» 
Hy>KHo ycTanoBkiTb (|)na)KOK «AlLow users 
to connect remotely to this computer* 

(puc. 2). Cpaay nocne npuMeueHUB ua- 
crpoex cepBep totob npuuuMaib BxoAJUAue 
coeAUHeHMB. flo yMo/iHaumo yAa/ieuHbiii 
Aocryn k cepeepy MMeroT ro/ibKO le nonbso- 
Baienu, KOTOpwe bxoajit b noKanbuyio rpynny » 



TepMMHanbHbiii cepaep 


TepMMHaAbHblH KAMeHT l/l3o6pa>KeHkie 

< 

TepMMHanbHbiii ceccHn 


pea/ibHbiM Ancnneii 

BMpTya/ibHbiM AHcn/ieM| 


KoMauAbi 

KnaBuarypa Mbiiiib ^ 

npnnorKeHue 1 npunorKeuue 2 , 
npuAOKeuue 3 npuAorKeuue 4i 


Pmc. 1. Cxeivia pa6oTbi TexHoaorHM Terminal Services 


CHIP 


SPECIAL 


1 1 




» «Administrators». Ec/im hy>kho, hto 6bi yfla- 
/leHHbiM AocTyn k cepaepy nMe;iM m no/ibaoBa- 

Te;iM, KOTOpbIM Bbl H6 XOTHTB flaBBTb aAMMHM- 
CTpaTopcKne nojiHOMOHuji, arc mo>kho CAs/iarb, 
HawaB Ha KHonKy «Select Remote Users» m 
A o6aBMB B nojiBHBmeMCB AnajioroBOM okhb 
H ywHbie BBM yneTHbie 3anncM. Pea;ibHo c no- 
MOipblO 3TOrO OKOUJKa M3MeHBeTCB HJieHCTBO 

B aoKajibHOM rpynne «Remote Desktop Users», 
B KOTopoM M Ha3HaHeHbi opaBa AocTyna, ne- 
o 6 xoAMMbie A^fl yciaHOBaeHMji coeAHHeHMji 
M pa6oTbl B TepMMHaJlbHOii CeCCMM. ripaBO AO- 
cryna k lepMHHajibHOM ceccMw pery/iMpyercB 
TaK)Ke c noMoipbK) (fi;ia}KKa «Allow Logon 
to terminal server® Ha BKnaAxe «Terminal 
Services Profile® b CBowcTBax yHeiHoii 3ann- 
CM nonbaoBaTejifl. lloyMonHaHMio 3tot (fma- 
}KOK BK/iiOHeH. rioBeAeHMe cepBepa nocne 
yciaHOBneHMji coeAHHenMn onpeAenneTCfi 
cneAyioiAMMM napaMerpaMM. 

► MaKCHwanbHoe Bpewn aKiMBHow pa6orbi 
nojibsoBaTenji b lepuMHaribHOM ceccMw 
(Active Session Limit). OiCHer speneHM 
HaHMHaeTCfi c MOMenra bxoab b CMCieMy. 

► MaKCHwanbHoe Bpewn 6e3AeMCTBMn nojib- 
aoBarenfi b TepMMHanbHoii ceccMM (Idle 
Session Limit). OrcHer BpewenM HaHnnaeTcn 
c noc/ieAHero coBepmennoro no/ibsoBareneM 
AeMCTBHB B CMcrewe. 

► fleMCTBMe, KOTopoe BbinoaHnercB cepaepow 
npH paspbiBe coeAMHeHnn mv\ npw AocTwiKe- 
HMH nMMMTa BpeMOHM padoTbl, — 3 AeCb B 03 - 
M 0 )KH 0 /im6o oTKaioHeHMe (npw 3tom Bce 3 any- 
lAeHHbie nporpaMMbi npopoaiKaiOT HopManb- 
Hyio pa 6 ory), nwdo noanoe aaKpbiTMe ceccMH. 

► Bpenji, Hepea KOTopoe oiKBioHeHnan 
ceccMn 6yABT nojiHocibio aaKpwTa (End Dis- 
connected Session). 

► OrpaHMHeHMe na aApeca, c Koropbix MorneT 
npoBOAMTbcn noBTopHoe noAxmoneHMe k ot- 
KmoHeHHOM ceccMM. 3Aecb bo3mo>kho abb 
B apwaHTa — v\m c roro >Ke caMoro aApeca 
(From Previous Client), m/im c mo6oro 
(From Any Client). 
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Bce 3TM napaweipbi momho wenjiTb awSo 
KaiKAOMy nonbaoBaremo wHAMBMAyaabHo 
(BKnaAKa «Sessions» b CBoiicTBax yneTHOM 
aanwcM nonbaoBarenji, n\/\6o cpaay abb Bcex 
noBbaoBareBeii cepaepa c noMoiAbio ocnaciKM 
«Terminal Services Configuration® wa Memo 
«Administrative Tools®. Ecbh BKBioHMTb 3th 
onpHM Ha cepBepe, TO nHAHBMAyaBbHbie na- 
crpoMKH yneTHbix aanMceii AewcTBOBaTb ne 
6yAyi. Ha cepaepe mo>kho tbk >Ke nepeonpe- 
AeBMTb M Apyrwe napaMeipw, nanpHMep ot- 
KBtoHMTb nepeaApecapmo amckob, npHHiepoB, 
dyijiepa oSMena m aayKa m t. a. OcnacTKa 
«Terminal Services Manager® (pwc. 3) npep- 
HaanaueHa abb ynpaBBeHMB aKTHBHUMw rep- 
MMHaBbHblMM CeCCMBMH. C ee HOMOlAblO MOIKHO 
OTKBIOHMTb MBM c6pOCHTb nOBbaOBBTeBB C Cep- 
Bepa, nocBBTb eMy coodigeHMe, noAKBtomiTbCB 
K aKTMBHoii ceccHH, nocMorperb cbmcok aany- 
igeHHbix B ceccMM npuBowenHii h Aawe npHHy- 
AMTeBbHo KaKoe-Hn6yAb aaBepuiHTb. 

HacTpoMKa KjmeHTa 

flBB yABBeHHoro noAKBioHeHMji k cepaepy 
McnoBbayercB cnepnaBbHBB nporpaMMa 
Microsoft Terminal Services Client, KoropaB 
CTBBMTCB nOyMOBHaHMK) HB onepBpMOHHbie 
CMcreMbi BMHeiiKM XP (HaiiTM ee mowho 
B Memo «All Programs Accessories ^ 
Communications ^ Remote Desktop 
Connection®). BepcMio abb APyrwx one- 
papMOHHbix CMCTeM ceMeMCTBB Windows mo>k- 
Ho aarpysHTb c caMia Microsoft (www.mi- 
crosoft.com/windowsxp/pro/downloads/rdcli 
entdl.asp). /(bb coeAHueuMB rpedyercB Bsec- 
TM MMB MBM IP-BApec cepBopB M HawaTb KHOn- 
Ky «Connect® (pwc. 4). flonoBHMTeBbHwe na- 
CTpOMKM MOWHO npoBecTM, HarKBB Ha KHonxy 
«Options». 3Aecb na BKBaAxe «General® bbo- 

ABTCB MMB nOBbaOBBTeBB, UapOBb M AOMeH. 

Tyr )Ke ecTb BoaMowHocTb aanwcaTb ace hb- 
CTpoMKM B (JiaMB. Ha BKBBAKe «Display» ycra- 
HaBBMBaeiCB paapeuienMe BMpryaBbHoro 3 k- 
pana n rBy6nHa Liaeia. Ha bkbbakb «Local 
Resources® mobtho paapemMib noAKBiOHeuMe 

BOKBBbHblX npMHTepOB, AMCKOB KTepMMHBBb- 
HOM ceccMM, a tbk >Ke axmoHMib nepeaApeca- 
pMio aayKa c yAaBeuHoro KOMObioTepa ua bo- 
KaBbHbiM. Ha BKBBAKe «Programs» mowho 
yKaaaib nporpaMMy, KoropaB 6yAer aanyc- 
KaibCB nocBe ycnemuoro bxoab hb yABBeHuyio 
CMcreMy. Ha bkbbakb «Experience» Bbidupa- 
ercB KBHecTBo coeAMueuMB mbm epyunyio aa- 
ABiOTCB BBMBioiAMe HB Hero napaMerpbi. Kbk 
ywe roBopMBOCb, HacipoMKM noAKBioneuMB 
MOlKHO COXpaHMTb B (jiaMB. ECBM OTKpbITb TB- 



Pmc. 4. 3a- 


nycK YAa/ieH- 


Horo noA- 


K/HOHeHMn 




Koii (JiaMB, TO 6yABT aanyigeH TepMMHaBbHWM 
KBMBHT M npOMaOMABT aBTOMaTMUeCKOe nOA- 
KBKiHeHMe K cepBepy c coxpaHeHHbiMM hb- 
CTpOMKBMM. MoiKHOTaKlKe nOAKBKlHMTbCB 
HenocpeACTBeHHo k kohcobm cepaepa. /Jbb 
3Toro H3A0 aanycTMTb TepMMHBBbHoro kbm- 
eHTB C KBIOHOM /coHSole. 

SaicnioHeHiie 

CepBMC Remote Desktop for Administration 
HecoMHeHHo noBeaeH, a b HeKOTopwx CBynaBx 
npocTo HeaaMBHMM. VnpaBBBTb a 6 cbtkom cep- 
BepoB, pacnoBoiKeHHbix b paaHwx paMonax 
ropoAa, dbicTpee m yAodnee He hokmabb cBoe- 
ro padoHero mbctb. ■ ■ ■ PoMan CbipueB 


CoseTbi no McnojibaoBOHMio 


BaxHbie MejiOHH 

► He 3a6biBaMTe o tom, hto ynpaBBeHne 
cepeepoM npoMcxoAMT yAaneHHO. CneAy- 

6T C OCTOpOlKHOCTblO OTHOCMTbCB K AGM- 
CTBMBM, KOTopbie TpedyioT nepeaarpys- 
KM cepBepa mbm CBBsaHW c MSMeHeHM- 
eM ceTeBbix HacTpoeK. HanpMMep, aa- 
SbiTaB B AHCK0B0A6 AUCKBTa He AacT 
cepBepy BarpysMTbCB, a CMena IP-aApe- 
ca npMBeAOT k HeAocTynHOCTM cepeepa 
M3-3a OTcyrcTBMB npasMBa b firewall abb 
HOB oro IP-aApeca. 

PeKOMeHAyeTCB HacTpoMTb cepBep tbk, 
HTodbi oh OTKBioHaB, a H6 saBepiua/i cec- 
CMK) npM paspbiBe cbb3m. bnaroAapB 
3T0M HacTpoMKe 3a^yu^eHHble b ceccMM 
nporpaMMbi 6yAyr paSoTaTb, ecBM He- 
OlKMAaHHO npepBOTCB CBB3b. V Bcex, 

KTO MMeeT yAaneHHbiM AocTyn k cepaepy, 
AOBlKHbl 6blTb yCTaHOB/ieHbl CBOlKHbie 
napoBM. 3 to ocodeHHO aaiKHO b tom c/iy- 
Hae, ecBM cepaep HaxoAMTCB b klHTepHe- 
Te M/IM B paPiOHHOM COTM. 


CHIP 


SPECIAL 


N5 1 1 



3 KCn/iyATAUM^ 


BOCCTaHOB/ieHMe CHCieMbi noc;ie 


c 6 o e B 


78 



o6ne 


CoBpeweHHbie OC aobo/ibho ycroMMUBbi k c 6 ofiM, m CTa 6 n;ib- 
HOCTb CMCreMbl TGM BbllUe, MGM MeHblUe B Hee BHOCMTCB 
M 3 MeHeHMM. Ho Ha ;i[o 6 om KOMnbtorep npnxoAHTCfi ycraHaB- 
/iMBarb paa/iMMHoe Aono/iHme/ibHoe FlO m o 6 opyAOBaHne, 
Ha MTO OC MO>KeT oipearMpoBaTb HeaAeKBarHo m astb c 6 om. 




V 





OCHOBHbie MCTOAbl 


CHIP 




0 6biHHo npouecc aarpysKn OC pa3Ae;ieH 
Ha HecKoabKO aranoB: MHi/mMaBM3apnji, 
pa6ora 3arpy3HHKa, 3arpy3Ka Bflpa, pe- 
rMCTpabiMfl. M ecBM B03HHKai0T npo6/ieMbi na 
KaKoii-To M3 3TMX 033, onepapMOHHaji CMCTewa 
He CMower BbinoaHMib ycneiiiHyio 3arpy3Ky. 

B Windows rpMcyrcTByioT pa3/iMHHbie 
cpeACTBa, KOTopwe mo>kho Mcno/ib30BaTb 
Ana BoccTaHOB/ieHMB ee pa6oTocnoco6HocTn. 
OcHOBHbie M3 HMx — 3TO Safe Mode (6e3o- 
nacHbiii pewMw), Recovery Console (KOHCo/ib 
BoccTaHOBneHMJi) m Automatic System Reco- 
very (aeapMMHoe BoccraHOBneHMe CMcieMbi). 
Hlo6bl Bbldpaib 3TM peWMMbl, Hy>KHO BOMTM 
B MeHK) Aono/iHMie/ibHbix BapnaHTOB aarpya- 
KM, Ann Hero hboOxoammo HawaTb K/iaBMUjy F8 
(pnc. 1) BO BpeMB aanycKa cMcreMw. 

CTOHOB„eH„e.MCTe«.. 

bene c 6 oes 

AaBaMie paccwoipMM re AeiicTBMfi, KOiopwe 
Heo6xoAMMO npoBecTM b enynae OTKaaa OC. 

nocnenHnn 

ynoMHasi KOH<t>Mrypai|Msi 

EcnM npodnewa BoaHMKna epaay noc/ie M3we- 
HeHMfi HaerpoeK CMCTewbi, cneAyei aarpyaMTb 
Windows b perKMwe «Last Known Good 
Configuration®. 3 tot perxMM BoccTanaBnMBa- 
er MH(|)opMaAMio peecipa m HaerpoMKM Apaii- 
Bepa, KOTopbie Mcno/ibaoaanMCb, KOCAa CMCie- 
Ma nocneAHMM paa ycneiiJHo aarpywanacb. 

flpM 3T0M BOCCTaHaBnMBaercB ronbKO BeiBb 

peecrpa HKLM\System\CurrentControLSet, 

M no3TOMy He pemaKiTCJi npo6/ieMbi, BbiaeaH- 
Hbie noBpe>KAeHMeM m/im norepeii CMcreMHbix 
paaAenoB m^m (Jraii/ioB. » 
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peoHHMaTopa 


» Ec/im yAa;iocb sarpyanib Windows b pe- 
MMMe nocneflH6M yflaHHoii KOH(|)MrypaL(MM, 

TO nocneAHne nsMeHeHnn, Koropwe 6bmn 
CAe/iaHbi B CMCTewe, n fiBn/incb, CKopee Bcero, 
npMHMHoii, npensTCTByroiAePi KoppeKTHOwy 
aanycKy. VAannTe vim BbinonHure odnoBne- 
Hi/ie c 6 omhom nporpawMbi nnn Apaweepa, 
3aT6M 3arpy3MT6Cb b odbiHHow pe>KMMe. 

EesonacHbiii peMcmui 

ripn 3arpy3K6 b Safe Mode 3anycKaioTCfl ronb- 
Ko re ApawBepw n cny>K6bi, Koropwe neo6xo- 
AMMbi Aae padoTbi. flaHHbm pewnn ncnonbay- 
erce p,m pemeHne npodnew, BbiaBanHbix 
omndKaMM b ApawBepax, c6oMHbiMn nporpaM- 
MaMM M/1M c/iywdawM, Koropwe aanycKaroTce 
aBTOMaTMHecKM. 3arpy3MBiiJMCb b 3 tom pe>KM- 
Me, oTK/iiOHMTe M/1M yAa^MTe HeKoppexTHo pa- 
doTaioiAMM KOMnoneHT, KOTopwii npenercTBy- 
er 3arpy3Ke Windows. 

Ecnn KOMnbioTep ne CMor aarpyanTbcn 
B 6e3onacHOM pewnwe, cneAyer Bocnonbso- 
BaTbcn Recovery Console. Ecnn we n 3 tot 
cnoco6 He noMoraei, to npodnenbi, CKopee 
Bcero, Bbi3BaHbi Tonbxo hto ycTaHOBnen- 
HbiM o6opyAOBaHneM. OTKJiiOHMTe ero m no- 
npodyMTe aarpysMTb KownbK)Tep b o6bm- 
HOM pewMMe. 

B TOM cnynae, ec/iM aarpyaxa b Safe Mode 
6bma BbinonHena ycneiiJHo, neodxoAMMo onpe- 
AenMTb npwHMHy c6oe b npoL(ecce aarpysKM. 

B onepapMOHHOM cwcTeMe MMeeTca HecKo/ibKo 
MHCTpyWeHTOB, KOTOpbie MOryT B 3TOM nOMOHb. 

BbinojiHMTe BXOA noA yneTHOM aanwcbio 
c npaBAMM aAMMHMCTpaTopa CMCTeMw m npo- 
CMOTpMTe wypHanbi co6biTHM (eventvwr.msc). 
Heo6xoAMMO npoBecTM anams wypnana cn- 



Pmc. 1. MeHK> BapMaHTOB aarpysKH flK 


CTeMbi M wypHana npMnoweHMii Ha na/ikiHMe 
npeAynpewASHHii m coodiAenMii o6 omn6Kax 
(pMC. 2). OdpaiAaMTe BHMMaHMji na mctohhm- 
KM Co6blTMM. 

KoHCOHb BOCCTaHOBneHMn 

Recovery Console npeACTaenaeT co6om na6op 

CpeACTB KOMaHAHOii CTpOKM, CHOCodHblX HO- 
MOHb BOCCTaHOBMTb OC. floCTyO K 3TOM KOHCO- 
/1M MowHo nojiyHMTb AByMji cnocodaMw: c aa- 
rpyaoHHoro CD Windows Server 2003 m/im 6e3 
Hero, ecnw xoHConb ywe ycTanoBnena na kom- 
nbioTepe. Ee cneAyeT aanycxaTb to/isko b tom 
cnynae, ec/iw npeAbiAyiAne cnocoOw nonoww- 
TenbHoro 3(J)4)eKTa ne !\am. 

B 3TOM peWMMe MOWHO BbmO/IHBTb cneAy- 
lOiAMe onepariMM: 

► no/iynaTb AoCTyn k noxanbHbiM amckam; 

► paspemaTb vinvi aanpeiAaTb ApaMBepw 
ycTpoiicTB M/IM cnywO; 

► KOHMpoBaTb (JjaMnbi c ycTaHOBOHHoro AMCxa 

MJIM CbeMHbIX HOCMTe/ieM (oOpOTHOe KOHMpO- 
BaHMe aanpeiABHo); 

► C03AaBaTb HOBbIM 3arpy30HHblM CeXTOp M 
HOByio ocHOBHyio aarpyaoHHyio sanMCb (MBR); 
3TO MoweT noTpeOoBaTbCfl npM c6oe sarpyaxM 
c cyiAecTByioiAero aarpyaoHHoro cexTopa. 

Recovery Console npensTCTByeT HeaBTo- 
pM30BaHH0My AocTyny k pa3Ae/iaM, TpeOye 
BBecTM naponb /loxa/ibHoro aAMMHMCTpaTopa 
CMCTeMbi. flne AOMeHHwx KOHTpo/inepoB 3 tot 
naponb saAaeTcn Ha arane paOoTw MacTepa 
DCPROMO MnM npM homoiam KOMaHAw ntdsu- 
til.exe c Aa/ibHeiiiiJMM BwOopoM pewMwa 
Set DSRM Password. 

flpewAe 4eM nanaTb paOoTy c xoMaHAaMM, 
neoOxoAMMo npoeepMTb cocTosHMe wecTKoro 
AMCxa. fl/in 3Toro Mcno/ibayeTcn KOManAa 
chkdsk /F /R. 

EcnM KOMaHAa chkdsk ne mowot pemMTb 
npoO/ieMbi wecTKoro Ancxa, to (fiaM/iOBan 
CMCTeMa MnM ocHOBHan sarpyaoHHafi aanncb, 
B03MOWHO, noBpewAeHbi vim HOAocTynnu. 
flonbiTaMTecb Mcnonb30B3Tb KOMaHAw fixmbr 
M fixbOOt Ann MX BOCCTaHOBneHMJI, b npoTMB- 

HOM cnynae npMAeTcn cosASTb pasAe/iw aa- 
HOBO M neperj/opMaTMpoBaTb woctkmm amck 
VIJIVI oOpaTMTbCfl B KOMnaHMM, KOTOpbie 3aHM- 
MaK/TCfl MX peMOHTOM. 



KpoMe Toro, HeBoaMowHocTb McnonsaoBa- 
HMJi Safe Mode A/in aarpyaxM CMCTeMw MoweT 
6biTb BbiaeaHa m noBpewAeHMeM CMCTeMHoro 
peecTpa Windows m/im aarpyaoHHwx (|)aM/ioB. 
SarpyaoHHbie (jiafi/ibi (Ntldr, Ntdetect.com, 
Boot.ini, Ntbootdd.sys — Ann KOHTpo/i/iepoB 
SCSI, bootfont.bin — p,nn /loxanMaoBaHHbix 
BepcMM Windows), pacnonoweHHbie b Kopne 
CMCTeMHoro paaAena, MoryTbwTb bocct 3 hob- 
/leHbi M3 KaTanora i386 Ha ycTanoBOHHOM 
AMCTpMbyTMBe Windows Server 2003. Oaiinbi 
CMCTeMHoro peecTpa KawAWM paa nocne co- 
3AaHMji KonMM System State (coctohhmji cm- 
CTeMbi) coxpaHjiioTcn Ha CMCTeMHOM paaAe- 
ne B KaTanore 7oSystemroot7o\Repair. 
klcno/ibayn Recovery Console, mo/kho boc- 
CTaHOBMTb noBpewASHHbie 4)aMnbi peecTpa 
M3 3Toro KaTanora b MCxoAHyio nanxy — 
7oSystemroot7o\system32\config. He aabyAb- 
Te npeABapMTenbHo coxpaHMTb Texymne (|)aM- 
nbi B Apyrofi xaTanor nepeA Bwno/iHeHMeM 
3TOM npoL(eAypbi BoccTaHOB/ieHMji. flocne 
3Toro peecTp Windows 6yAeT coAep/xaTb mh- 
(J/opMaAMK), xoTopan cyiAecTBOBa/ia Ha mo- 
MeHT BbinonneHM/i nocneAnero xonMpoBaHMJi 
COCTOBHMJI CMCTeMbi. Bce M3MeHeHMJ1, npOM30- 
meABiMe b cMCTeMe nocne 3Toro MOMeHTa, 6y- 
AyT noTepnHbi noc/ie BoccTaHOB/ieHMji. EcnM 
peaepBHoe xonMpoeaHMe hm paay He npona- 
BOAM/iocb, TO B xaTanore Repair 6yAeT co- 
Aep/xaTbcn xonne ashhux, cAenannan neno- 
cpeACTBeHHo nocne ycTanoBXM Windows. 

ABapMMHoe 

BOCCTOHOBHeHlie CMCTeiWbl 

Kax 6bi TO HM 6bi/io, cyiAecTByeT eeposiTHocTb 
BbixoAa cepeepa m 3 CTpoe. Pe/XMMw aarpyaxM » 
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cepsepa, laKne KaK Safe Mode m Last Known 
Good Configuration, Moryr nowoub BoccTano- 
BMTb CMCTewy. OAwaKo peaepBHbie Konnn 
Automatic System Recovery (aBapuunoro 
BoccTaHOBnenufl cucTewbi, ABC) flo/oKHw 6birb 
BKmoHenbi b perynspubm nnan no o6cjiy>KM- 
BauMK) cepBepa kbk nocneAHflfl BosMowHocTb 
BoccTaHOBneHMB Windows. 

ABC Bbino/iHBeT BoccTaHOBnenne cucreM- 
Horo pasAe/ia n coctobhub cncTewbi, neo6xo- 
AMMbix Ann sanycxa n padoTw KOMnonenTOB 
Windows Server 2003. 


flnn cosAanuB naOopa ABC neoOxoAMMo 
aanycTMTb waciep cosAannn Automatic 
System Recovery (puc. 3) ns nporpaMMbi ap- 
xuBapuM (ntbackup.exe). floTpeOyeTCB nyc- 
Tan AMCKera 1,44 MOanr, na Koiopyio 6yAyi 
coxpaneHbi uncfiopMaAMfi o6 apxuae, koh(|)m- 
rypapuM amckb (ocnoBHoro v\m AUHaMMue- 
CKoro) M AaHHbie, neoOxoAMMbie Arm Bbinon- 
HeHMB npopeAypw BoccTaHOBnenuB, a TaKrxe 
nyib K HocMTe/110 AauHbix apxuaa u run cawo- 
ro Hocme/m (puc. 4). 

B naOop 6yAei BKmoueH CMcieMHbm paa- 
Ae/1 nonnocTbio: System State, cucreMHbie 
cny>K6bi, a laKrxe (|)aM/ibi, CBBaanHbie c komuo- 
ueHTaMM onepapuoHHOM cucreMbi (puc. 5). 
PasMep (jranna apxuaa oObiuno cocraBnaeT 
He Menee 1,4 fOaMT. flocne cosAannB Ha6o- 
pa ABC Bbi AonrKHbi xpanuTb BMecie AMCxery 
M Hocmenb ABC, nocKonbxy Ban 6yAer HywHa 
MMeHHO 3T3 AMCKeia, HToObI MMeTb B03M0)K- 
HocTb BocnonbsoBaTbCB HocmeneM peaepB- 
Hoii KonwM. flMCKera ABC He BB/meTCB aarpy- 
aoMHOM, OHa Mower 6birb McnonbaoBana 



BoccTaHOBJieHMe CMcreMbi 


3a6jiaroBpeMeHHbie 

PesepBHoe KonMpoBaHMe 

PerynnpHoe peaepBHoe KonupoeaHMe 
Windows M System State nennercn xopo- 
LUHM aaAenoM Arm BoccraHOBJieHMB. B tom 
cnynae, ecnn bw He Mcno/ibsyere RAID- 
MaccMB, a CMcreMHbiH AHCK Bbimen mb 
crpon, TO Windows mowho OyAer Boccra- 
HOBMTb MB peSepBHOM KOHMM. fipM BTOM 
noTpeOyercn CHanana ycraHOBMTb HOByio 
KOHMio Windows Server 2003 nepeA boc- 
craHOB/ieHMeM mb apxMBa. CoBAaPiTe Ba- 
nnaHMpoBaHHoe saAaHMe no apxMBapMM 
System State m CMcreMHoro pasAe/ia. Tau 
we wenarenbHO BbinonHHTb KonupoBaHMe 
Bcex noKa/ibHbix KaranoroB, npeAocraB- 
neHHbix B oOu^MM AOCTyn. 3 to HeoOxoAMMO 
Arm Toro, HToObi nocjie BoccTaHOB/ieHMn mb 
nojiHOM peBepBHOM KonMM Bce oOLAMe nan- 
KM no-npewHeMy ObuiM AocrynHbi Arm foiM- 
eHTOB cepBepa. fl/m conocTaB/ieHMS no- 
KanbHbix nanoK c oOlammm nanuaMM mb 
KOM aHAHOM CTpOKM BOCnOJlbByMTeCb KO- 
MaHAOM net share. 

KOHCO/lb BOCCTaHOBneHHfl 

HecMOTpn Ha to hto mokho sanycTMTb 
KOHCO/lb BOCCTaHOBneHMH, sarpysMBUJMCb 
HenocpeACTBeHHO c ycTaHOBOHHoro CD, 


Mepbi 

HaMHoro 6onee yAoSnoM HBnneTcn ee yc- 
TaHOBKa B MeHK) BbiOopa BapMaHTOB sa- 
rpysKM Windows. HroObi ycraHOBMTb koh- 
COJlb BOCCTaHOBneHMH, OTKpOMTe MOHIO 
“Start ^ Run... II m HaOepMTe d:\i386\win- 
nt32.exe /cmdcons, TAe d — OyKBa Bame- 
ro npMBOAa CD-ROM. 

SarpysoHHan ABCKera 

3arpyaoHHan AncKera Mower noMOHb b 
TOM cnyuae, ec/iM 6bmM norepnHbi cpaPinbi 
sanycKa Windows. Ona He HBcmeTcn Ka- 
KMM-To yHMBepcanbHbiM cpeACTBOM sanyc- 
Ka Arm KawAOM MaujMHbi Windows Server 
2003. OAHaKO ecnM y Bac craHAapTHan 
KOHCpMrypaqMH HeCKO/lbKMX KOMUbtOTepOB, 
TO BTa AncKera OyAer paOoTaTb TonbKO y 
Tex MaujMH, y KOTopbix OC ycTaHOBnena na 
OAMHaKOBbie sarpysoHHbie pasAenu (k npM- 
Mepy, TO/ibKO C:\). flrm cosAaHMH raKOM 
AMCKeTbi cneAyer CKonupoBarb na nycryio m 
OTC popMaTMpoBaHHyio AncKery cpaPinbi: 
NtdetecLcom, Ntidr, boot.ini (a rauwe cpaPin 
bootfontbin Arm noKa/iMSOBaHHbix CMcreM 
M Ntbootdd.sys Arm KOHTponnepoB SCSi). 
3tm cpaPinbi pacnonowenbi b Kopne CMcreM- 
Horo/sarpysoHHoro pasAena (no yMonna- 
HMK) OHM MMeiOT aTpMQyT «CKpblTblM»). 



TonbKo Arm oObeAMHeHHji Hadopa BoccraHOB- 
neHMfl c ocHOBHoro HocMTenn. 

Hadopbi aBapMMHoro BoccraHOBneHMs bw- 
no/iHBK)TCJi nporpaMMOM apxMBapMM toabko 
B MHTepaKTMBHOM peWMMB. HeAb3fl HaSHaUHTb 
aannaHMpoBaHHbie aaAaHMB no mx coapaHMio. 
PeKOMeHAyercfl cpenarb Hadop ABC cpaay no- 
cneycraHOBKM m nepBOHauaAbHOM HacrpoMKH 
Windows. 3 to odecneuMT HauaAbHyio Tonxy 
BoccTaHOBAeHMA B dyAyipeM. KroMy we 
apxMB, CAenaHHbiM npM noMoipM Macrepa 
Automatic System Recovery, Mower 6wTb 
McnoAbaoBaH Ann pyuHoro BoccTaHOBneHMn 
nocne ycraHOBKM hobom koomm Windows. 

BoccTOHOBneHMe 
M3 peSepBHOM KOHMM 

CaMbiM nocneAHMM BapuaHTOM nBAneTcn boc- 
craHOBAeHMe na peaepBHoii koumm, KOTopyio 
Bbi perynapHo AoawHbi dwAM Aenarb Ha pado- 
raKriAeii CMcreMe. flna ee McnonbaoBaHMa ne- 
odxoAMMO ycraHOBMTb HOByio koomk) Windows. 
EcAM AOKaAbHbIM AMCK ABAaeTCa padoTO- 
cnocodHbiM, TO yABAaeM cyipecTByioiAMM cm- 
creMHbiM paaASA m coaAaeM HOBbiii (npn 
3TOM paaMep hoboto paapena Aoriwen duTb 
He MeHbme, aeM y npewnero). YcTanaBAMBaeM 
HOByK) KonMK) Windows Server 2003 na tot we 
caMbiM paaAfiA, rAe paaMeipanacb Windows 
panee. flocAe aroro mowho npucTynuTb 
K BoccraHOBAeHMK) Ma peaepBHOM koomm. 

PlMeMTe B BMAy, hto KorAa BbinoAHaerca 
ycTanoBKa Windows Server 2003, to He npo- » 
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» M3BOflMTCJi aanpoc na usMeHeHne Kara;iora 
ycTaHOBKM no yMonHaHnio. Karanor no yuo/i- 
HaHMK) 6yA6T \WIND0WS. 

HeB03M0>KH0CTb yKa3aHMB ycTaHOBOHHoro 

Kara/iora b npopecce nHCTaji/utpun m ko- 
MaHflHoii crpoKM o6biHHo 3HaHeHMji He MMeer, 
HO TO/IbKO AO Tex HOp, HOKa He B03HMKHyT 

npo6aeMbi c CMcreMHbiM paape/ioM m/im noxa 
Bbi He nepe(|)opMaTMpyeTe mcxoahwh pa3As;i m 
He nepeycraHOBMTe Windows, flnsi roro hto6w 

MMeib B03M0)KH0CTb BOCCTaHOBMTb CMCTeMy 
M3 peaepBHOM kohmm, bw ao/okhu ycranoBMib 
Windows Server 2003 b cMCTewHbiM xaranor 
c Tew )xe MMeneM, KOTopbiPi oh Mwe/i b mcxoa- 
HOM CMCTewe, m Tonbxo aarew BwnonHMTb boc- 
craHOBneHMe noBepx hobom kobmm Windows. 

rioneMy 3to nB/ineTcn BarxHbiM Ann nac? 
nporpawMa apxMBapMM (ntbackup.exe) mo- 

wei BOCCTaHOBMTb AaHHbie M 3 peaepBHOM ko- 
HMM B anbTepHaTMBHoe MecTono/ioweHMe, ho 
3TO He oTHocMTcn K BoccTaHOBneHMK) System 
State, a BeAb MnenHo oho noMoweT BepnyTb 
pa6oTocnoco6nocTb cMCTewbi. K TOMy rxe 
ecnM Bam CMCTewHbiM xaTanor ne HocMn mmji 
\WIND0WS, TO Hen ban 6yAeT BwnonHMTb non- 
Hoe BoccTaHOBneHMe 6ea nepeycTanoBKM 
Windows Server 2003 b xaTa/ior c MCxoAHbm 
Ha3B3HMeM. OObiHHo noAoOHaji CMTyapMji bo3- 
HMxaeT, ecnM npeAbiAyiuan koomb Windows 
2000 Server nepeA ee oOnoBneHMeM ao 
Windows Server 2003 naxoAMnacb b ApyroM 
KaTanore (\WINNT), b peaynbTaTe Hero 6bmo 
coxpaneHo CTapoe HaaeaHMe xaranora. 

Kax MorxHo aacTaBMTb Windows CMOHMTb 
xaTanor? 3to orpaHMneHMe o6xoamtch b cne- 
AyxiiAMx cnynajix: ecnM xacanor \WINNT y>xe 
cyipecTByeT, to moixho BbinonHBTb aBTowaTM- 
Hecxyx) ycTaHOBxy c yxaaaHMew napaweTpa 
TargetPath=... b (Jjaii/ie otbbtob m/im nyTew 
BbiOopa HOBoro xaTanora b AononHMTenbHbix 
napaneTpax npM sanycxe nporpaMMw win- 
nt32.exe m3 yrxe ycTaHOB/ieHHoii xohmm 
onepapMOHHOM CMCTewbi. 




VAoSHee Bcero BocnoBbaoBaTbcn ycTanoB- 
XOM Windows B anbTepHaTMBHWM CMCTeMHbIM 

xaTanor %SystemRoot% npM oomoiam napa- 
MBTpa TargetPath=NAMEWINDIR. 3 tot cnoco6 

MOrXHO MCnOBb 30 BaTb M npM yCTaHOBXe c xom- 
naxT-AMCxa Windows Server 2003. HcnoBbsyn 
OnoxHOT, co 3 AaMTe winnt.sif, coAsprxa- 
LAMM npeACTaaneHHbie HM>xe napaweTpbi, m co- 
xpaHMTe ero Ha Ancxery. VOeAMTecb b tom, 

HTo ctiaiin HaabiBaeTCB mmbhho winnt.sif m ne 
MMeeT AoOaBOHHoro paciuMpeHMs .txt. 

[Unattended] 

UnattendMode=GuiAttended 

0emPreinstalL=No 

TargetPath=WINNT 

(rAe WINNT — 3 to nasBaHMe Bamero CTa- 
poro xaTanora) 

[data] 

unattendedinstalL=yes 

msdosinitiated=0 

BbinoBHMTe aarpyaxy c CD npM 3 tom amc- 
xeTa c ([laMnoM otbbtob Aonrxna HaxoAMTbcn 
B AMCX0B0A6. riporpaMMa ycTaHOBXM boc- 
noBbayeTCfl napaMOTpaMM ([laMna otbbtob m 
coaAacT TO mmb cMCTeMHoro xaTanora, xoto- 
poe yxaaaHHo b napaMBTpe TargetPath. 

riocne ycneiiJHOM ycTanoBXM Windows 
Server 2003 b xaTanor co CTapwM Haaaa- 
HMBM Mcno/ibayMTe nporpawMy apxMBapMM 
(ntbackup.exe) Ann BbinonHeHMB nonnoro 
BOCCTaHOB/ieHMB CMCTBMbi (BxnxiHan System 
State) c nocneAHBM peaepBHOii xonMM. 
Heo6xoAMMo BocnonbaoBaTbcn AononHM- 
TenbHbiMM napaMBTpaMM m yxaaaTb perxMw 
aaMBHbi cyipecTByxMAMx AaHHwx Ann boccta- 
HOBneHMB (fiaMnoB, y>xe MMexriAMxcn Ha 
xoMHbxjTepe. 3 to obecnenMT BoccTaHOBne- 
HMH Bcex c()aMnoB m 3 Baineii peaepenoM xo- 
HMM, B npoTMBHOM cnyHae npM coBnaAfiHMM 
MMBH ([laMnoB apxMBa m ifiaMnoB hobom xo- 
HMM CMCTeMbI (fiaMnbl M 3 apXMBa BOCCTaHOB- 
neHbi He OypyT (pMC. 6). 


ripM BoccTaHOBBBHMM System State aombh- 
Horo xoHTpon/iepa, xoTopwM nBnnncn bamh- 

CTBBHHblM B AOMBHB, HBobxOAMMO yCT 3 HOBMTb 

napaMBTp «When restoring replicated data 
sets, mark the restored data as the primary 
data for all replicas» («flpM BoccTanoBneHMM 
pen/iMAMpyeMbix nabopoB ashhux noMenaTb 
BoccTaHOB/ieHHbie AaHHbie xax ocHOBHwe Ann 
Bcex pennMx») (pMC. 7). B 3 tom perxMMe 6y- 
ABT nocTpoena HOBan 6aaa AaHHwx Ann cnyix- 
6bi pennMxariMM ([laMnoB (ntfrs) m 3 AaHHWx, 
pacnonoixeHHbix b cmctbmhom xacanore 
SYSVOL Tojibxo 3TOTO xoHTponnepa AOMena. 
EcnM npoM3BOAMTcn BoccTaHoaneHMe oAHoro 
M 3 HecxonbXMX AOMBHHbix xoHTponnepoB, TO 
ynoMnnyTbiM napaMBTp yxaawBaTb He nyixHo. 


floABOAn MTom 

A6co,nK)THo HaAe>KHOM onepaunoHHOM cm- 
cieMbi He cymecTsyeT, v\ noaroMy Heo6xoflM- 
Mo noAroTOBMTbCfl K ee c6oio. fl/iJi aroro 
cn/iaHMpyMTe npoueAypy BoccraHOB/ieHHfl 
M cocraBbie onMcaHMe KOMnoHeHTOB cepsepa 
M ero HacTpoeK b cooTBercTBHM c aaAaHaMM, 
pemaeMbiMM b Bamew ;ioKa,nbHOM ceiM. 

■ ■ ■ BnaAMMVip Ejiviceen 



CMCTCMa ASR 


LUar 30 luotom 


HTo 6 bi BOCCTaHOBMTb onepauMOHHyKD CMC- 
TeMy nocae c 6 oh, Mcnoabsyn Automatic 
System Recovery HeoSxoAMMO Bbinoa- 
HMTb caeAyioLAMe Hecao>KHbie marM. 

1. riepeA HanaaoM npoueAypbi BoccTa- 
HOBaeHMH y Bac Aoa>KHbi 6 biTb: 

- cosAaHHaH sapanee AUCKeTa ABC; 

cosAaHHbiM sapaHee HOCMTeab c apxM- 
BOM CMCTeMHoro pasAeaa; 

KOMnaKT-AMCK c A^^CTpM 6 yTMBOM; 

► ecaM B CMCTeMe McnoabsyeTCH KOHTpoa- 
aep AUCKOBbix MaccMBOB MaM HaKonMTe- 
aeM, TO HeoGxoAMMO MMeTb Apa^Bep A-nn 
Hero Ha OTAoabHOM AUCKeTe. 

2 . BbinoaHMTe sarpysKy c ycTaHOBOHHoro 
AMCKa Windows Server 2003 . 

3 . EcaM ecTb AonoaHMTeabHbiM ApaMBep, 
ynoMHHyrbiM Ha nepBOM mare, Ha>KMMTe 
KaaBMmy F 6 , htoOn ero McnoabsoBaTb b 
npouecce MHCTaaanuMM. 

4 . Ha>KMMTe F 2 , KorAa pe>KMM ycTanoBKM 
npeAao>KMT 3 to CAeaaTb BHMsy anpaHa. 
BcTaBbTe B Ai^CKOBOA A^CKeTy ABC. Flo- 
cae Hero cmctomb BbinoaHMT bocctbhob- 
aeHMe b aBTOMaTMHecKOM pe>KMMe. 
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